www.gfa.org Open in urlscan Pro
35.199.187.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://email.mg.gfa.org/c/eJw0yTtuwzAMANDTSKNBUdSng4YO1QV6gIJmKMeIExeyDKO375T53UqOmahZLS5BzD7EFOy9fHiPznkXlNPcJKgjScQs4B...
Effective URL:
https://www.gfa.org/offer/freebook/
Submission: On February 02 via manual (February 2nd 2024, 5:26:51 am UTC) from PH — Scanned from DE

Summary HTTP 63 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 17 domains to perform 63 HTTP transactions. The main IP is 35.199.187.27, located in The Dalles, United States and belongs to GOOGLE, US. The main domain is www.gfa.org.
TLS certificate: Issued by R3 on December 24th 2023. Valid for: 3 months.

This is the only time www.gfa.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	34.102.239.211 34.102.239.211	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.199.187.27 35.199.187.27	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:5b0::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
22	2606:4700:20:... 2606:4700:20::681a:324	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
8 8	2606:4700:20:... 2606:4700:20::ac43:4812	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
5	2606:4700::68... 2606:4700::6813:9308	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.242.7 18.66.242.7	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2620:1ec:46::62 2620:1ec:46::62	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	18.66.248.47 18.66.248.47	16509 (AMAZON-02) (AMAZON-02)
1	18.66.122.72 18.66.122.72	16509 (AMAZON-02) (AMAZON-02)
2	23.96.124.156 23.96.124.156	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.194.182.162 54.194.182.162	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	68.219.88.97 68.219.88.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
63	23

1 34.102.239.211 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 211.239.102.34.bc.googleusercontent.com

email.mg.gfa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.199.187.27 (The Dalles, United States)

ASN15169 (GOOGLE, US)
PTR: 27.187.199.35.bc.googleusercontent.com

www.gfa.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:5b0::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700:20::681a:324 (United States)

ASN13335 (CLOUDFLARENET, US)

gfamedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:20::ac43:4812 (United States) 8 redirects

ASN13335 (CLOUDFLARENET, US)

www.gfamedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.242.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-242-7.dus51.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:46::62 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-47.dus51.r.cloudfront.net

pagestates-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-72.fra60.r.cloudfront.net

assets-tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.96.124.156 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

w.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.182.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-182-162.eu-west-1.compute.amazonaws.com

tracking.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.219.88.97 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	gfamedia.org 8 redirects gfamedia.org www.gfamedia.org	188 KB
8	crazyegg.com script.crazyegg.com — Cisco Umbrella Rank: 2238 pagestates-tracking.crazyegg.com — Cisco Umbrella Rank: 5205 assets-tracking.crazyegg.com — Cisco Umbrella Rank: 5306 tracking.crazyegg.com — Cisco Umbrella Rank: 4181	39 KB
7	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 747 w.clarity.ms — Cisco Umbrella Rank: 7494 c.clarity.ms — Cisco Umbrella Rank: 1351	29 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 376 c.bing.com — Cisco Umbrella Rank: 247	16 KB
3	gstatic.com fonts.gstatic.com	96 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	73 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	276 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 ajax.googleapis.com — Cisco Umbrella Rank: 369	36 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	216 B
2	gfa.org 1 redirects email.mg.gfa.org www.gfa.org	12 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	3 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	252 B
1	google.de www.google.de — Cisco Umbrella Rank: 6518	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 79	252 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2616	252 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	820 B
1	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 824	66 KB
63	17

	Domain	Requested by
22	gfamedia.org	www.gfa.org gfamedia.org
8	www.gfamedia.org	8 redirects
5	script.crazyegg.com	www.gfa.org script.crazyegg.com dnn506yrbagrg.cloudfront.net
3	www.clarity.ms	www.gfa.org bat.bing.com www.clarity.ms
3	bat.bing.com	www.gfa.org bat.bing.com
3	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.gfa.org connect.facebook.net
3	www.googletagmanager.com	www.gfa.org www.googletagmanager.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	www.gfa.org
2	w.clarity.ms	www.clarity.ms
2	fonts.googleapis.com	www.gfa.org
1	c.bing.com	1 redirects
1	tracking.crazyegg.com	script.crazyegg.com
1	cdnjs.cloudflare.com	www.gfa.org
1	assets-tracking.crazyegg.com	script.crazyegg.com
1	pagestates-tracking.crazyegg.com	script.crazyegg.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.de	www.gfa.org
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	dnn506yrbagrg.cloudfront.net	www.gfa.org
1	ajax.googleapis.com	www.gfa.org
1	cdn.optimizely.com	www.gfa.org
1	www.gfa.org
1	email.mg.gfa.org	1 redirects
63	26

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com

Subject Issuer	Validity	Valid
www.mygfa.org R3	`2023-12-24` - `2024-03-23`	3 months	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-01` - `2024-09-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-17` - `2024-04-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-11` - `2024-02-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
crazyegg.com Amazon RSA 2048 M02	`2023-05-28` - `2024-06-26`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 01	`2024-01-14` - `2024-06-27`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.gfa.org/offer/freebook/
Frame ID: 65E73D6E95E640970464F67534E90301
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Christian Book - Revolution in World Missions - GFA World

Page URL History Show full URLs

http://email.mg.gfa.org/c/eJw0yTtuwzAMANDTSKNBUdSng4YO1QV6gIJmKMeIExeyDKO375T53UqOmahZLS5BzD7EFOy9fH... HTTP 302
https://www.gfa.org/offer/freebook/ Page URL

Detected technologies

Django (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:powered by <a[^>]+>Django ?([\d.]+)?<\/a>|<input[^>]*name=["']csrfmiddlewaretoken["'][^>]*>)

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script\.crazyegg\.com/pages/scripts/\d+/\d+\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

63
Requests

83 %
HTTPS

67 %
IPv6

17
Domains

26
Subdomains

23
IPs

5
Countries

833 kB
Transfer

2121 kB
Size

28
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer.php?u=https://www.gfa.org/freebook/
Title: Facebook

Search URL Search Domain Scan URL

URL: http://twitter.com/share?text=Check+it+out!+I+just+ordered+a+free+book.+Get+your+free+book,+too,+from+@gfaworld.+&url=https://www.gfa.org/tb1/
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://email.mg.gfa.org/c/eJw0yTtuwzAMANDTSKNBUdSng4YO1QV6gIJmKMeIExeyDKO375T53UqOmahZLS5BzD7EFOy9fHiPznkXlNPcJKgjScQs4BMkRrsWBCRAQHDgXJgyexKNEElulEEMwXOZlsbT3he7lfsYv4fxnwarwXpd19sM1r017QZr66rzvj8MVtvLdr64L-efIVA-xra-HpOwHeXryev2833Oh_R11v8AAAD__28UOpI HTTP 302
https://www.gfa.org/offer/freebook/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.gfamedia.org/images/revolution-right-revised-logo.png HTTP 301
https://gfamedia.org/images/revolution-right-revised-logo.png

Request Chain 10

https://www.gfamedia.org/images/freebook/b1-cover.png HTTP 301
https://gfamedia.org/images/freebook/b1-cover.png

Request Chain 22

https://www.gfamedia.org/images/freebook-footer-bg.jpg HTTP 301
https://gfamedia.org/images/freebook-footer-bg.jpg

Request Chain 23

https://www.gfamedia.org/images/freebook-header-bg.jpg HTTP 301
https://gfamedia.org/images/freebook-header-bg.jpg

Request Chain 24

https://www.gfamedia.org/images/freebook-body-bg2.jpg HTTP 301
https://gfamedia.org/images/freebook-body-bg2.jpg

Request Chain 25

https://www.gfamedia.org/images/freebook-body-bg.jpg HTTP 301
https://gfamedia.org/images/freebook-body-bg.jpg

Request Chain 26

https://www.gfamedia.org/images/glyphicons_halflings_113_thin_bottom_arrow_grey.png HTTP 301
https://gfamedia.org/images/glyphicons_halflings_113_thin_bottom_arrow_grey.png

Request Chain 27

https://www.gfamedia.org/images/freebook-footer-bg-crown.jpg HTTP 301
https://gfamedia.org/images/freebook-footer-bg-crown.jpg

Request Chain 59

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=23C7D6AC59FA4FE0A63E714125B998A8&RedC=c.clarity.ms&MXFR=0375A4CF47F6631A2AEEB0D643F66DB2 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=23C7D6AC59FA4FE0A63E714125B998A8&MUID=2C6A93AB0C336A4F150387B20D336BD2

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.gfa.org/offer/freebook/
Redirect Chain

http://email.mg.gfa.org/c/eJw0yTtuwzAMANDTSKNBUdSng4YO1QV6gIJmKMeIExeyDKO375T53UqOmahZLS5BzD7EFOy9fHiPznkXlNPcJKgjScQs4BMkRrsWBCRAQHDgXJgyexKNEElulEEMwXOZlsbT3he7lfsYv4fxnwarwXpd19sM1r017QZr66rzvj8...
https://www.gfa.org/offer/freebook/

46 KB
12 KB

676ms
349ms

Document
text/html

35.199.187.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.199.187.27 The Dalles, United States, ASN15169 (GOOGLE, US),

Reverse DNS

27.187.199.35.bc.googleusercontent.com

Software

nginx/1.17.9 /

Resource Hash

41eed9fa0ef88baa52bc008e6712c9fa443ad1eaec80ccb4b0e64f6285cad9c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-language: en-us
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
date: Fri, 02 Feb 2024 05:26:46 GMT
server: nginx/1.17.9
vary: X-Language, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Length: 420
Content-Type: text/html
Date: Fri, 02 Feb 2024 05:26:45 GMT
Location: https://www.gfa.org/offer/freebook/
X-Robots-Tag: noindex
X-Xss-Protection: 1; mode=block

GET
H2 200 146879311.js Show response
cdn.optimizely.com/js/ 191 KB
66 KB 298ms
247ms Script
text/javascript 2a02:26f0:480:5b0::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/146879311.js

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:5b0::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9f495b38895304ad8e1dccd53260eac0ad9a46dee72e1ba1ff119f3cc7d57d5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: ZKkqjQKGuOjrj_5.t8nCRzIBHcGetPa9
content-encoding: gzip
date: Fri, 02 Feb 2024 05:26:46 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: WJ5REDK9A9TGCKR4
x-amz-meta-revision: 233
x-amz-replication-status: COMPLETED
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=51, origin; dur=181, cdn;desc="AkamaiION";dur=0,rtt;desc="12";dur=0,cdnip;desc="2a02:26f0:480:5b0::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1706851606535_35115149_239995514_23183_2050_18_15_219";dur=1
content-length: 67043
x-amz-id-2: TbQZ7Mjrm9aPYK+Tx7vrMGwGx/AZTXkXPzr8yfvzO/IR3ZWYWs/veDCLD3frP7+R8NG7gfNW/hM=
last-modified: Wed, 09 May 2018 01:10:35 GMT
server: AmazonS3
etag: "e7e42c6b006bffe03775bbce627fd8fb"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 gfax.css
gfamedia.org/STATIC/g/css/980/ 25 KB
6 KB 46ms
15ms Stylesheet
text/css 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/css/980/gfax.css
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08101ab21e54eed11f7d3d40ff64000a33c13e4962a980e5ca543477bf148413

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QGHQC9N35EZTW826
age: 6005
cf-polished: origSize=32932
x-amz-server-side-encryption: AES256
x-amz-id-2: pRCwNhEXSflYNIWCxQYuWCgd1cR3jGtprWLhYhHPU2cUvN9hYe1QD0N8gptbo5dTUTofLfoqGX4=
cf-bgj: minify
last-modified: Thu, 04 Jan 2024 20:02:11 GMT
server: cloudflare
etag: W/"572a5beaa6e61ac81a774665aa9ee8a4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rvXFaUfyTOkMvxSPdK5yLhOzwDKru0xbPX8EoAQWwIjVQsRvsqZw8z3IxRpfFlI6e%2BSojz6DxEERjdQCdfkdTtr3Oi3dVkUk2%2Bfw%2Fj0on2Hn%2FtUIE01ytWXsX6MVKJS%2BS1by0RPw20w%2Baw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 84f0056ccceb1e6e-FRA

GET
H2 200 grid.css
gfamedia.org/STATIC/g/freebook-adaptive/ 23 KB
3 KB 45ms
14ms Stylesheet
text/css 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/freebook-adaptive/grid.css
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d664de4b058971b31b9776d02d5fde99c747bdc1dc570e141e1bc23e4cdf6dbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YCM5AD3QWETRWJBJ
age: 1519
cf-polished: origSize=27888
x-amz-id-2: AKsnVZb786LmplUYJvF30duDhCvottISRRf5buXN9/xKqd2nNmV8RutQGQiFl+ATTDHrsnGNxrA=
cf-bgj: minify
last-modified: Thu, 23 Nov 2017 15:22:05 GMT
server: cloudflare
etag: W/"5ae714bc238ed39947692d768675adaf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2hOosRDXBxPqCEZ3NBTaHE23iyx455NXU%2Fy5yq%2BbHkSxoTLzzDwcX9mxTWWAfs1bbd73Ll86%2F47Na4l28QaQ%2BI4z2dUhha583F%2BLj%2FRpPW3adxupZY45CgQNu3sITPW%2FHIqRmPLgXVizg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 84f0056cccef1e6e-FRA

GET
H2 200 main.css
gfamedia.org/STATIC/g/freebook-adaptive/ 8 KB
3 KB 44ms
13ms Stylesheet
text/css 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/freebook-adaptive/main.css
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a134d82faa6faa4d9c714e1248ce5b918d36d792f7941205d947d98a8dd96f28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: YCM4C2REAR5EH2FR
age: 1519
cf-polished: origSize=10683
x-amz-server-side-encryption: AES256
x-amz-id-2: kHXiyvaytdiN+ZkvwTJS1J6mny3Y/GplBvd4tzdDAQl2hTlxgIYAVzpQxjEkiuV/t5qEZLjAuYo=
cf-bgj: minify
last-modified: Thu, 01 Feb 2024 20:02:37 GMT
server: cloudflare
etag: W/"ac4b9958aabcd1505059070a474ac64e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOASlX2v1Jn7pF3AfmQPlCkEVZy%2FDF3T77V6ygZh74pUDVbI%2F7ciOIAM4MsHcEQtHTUs0J53gkGG1bEmhlwfyeoD%2FdjVCXR5e0bgSy7l46CJcnyPepdTh10jk2hdFsyrSeBmtdVnoYW44g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 84f0056ccced1e6e-FRA

GET
H2 200 dforms.css
gfamedia.org/STATIC/g/css/ 8 KB
2 KB 47ms
17ms Stylesheet
text/css 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/css/dforms.css
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e45b159eb2c5ad93a1f267269c7d4eff93793fbe1d2b2950177d3213dc97fe05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WV5ZCT00SFZ4R13M
age: 1519
cf-polished: origSize=9561
x-amz-id-2: 1Wg6A9mZtuYE3vpZ5/665SiTbEfY9q0hEMd7iB5afeBp0E1XcgzCtUS0NH4Hyt8XD+p14KZFxq8=
cf-bgj: minify
last-modified: Thu, 23 Nov 2017 15:16:47 GMT
server: cloudflare
etag: W/"39a4e8773bdaae32721465ee2d09d7e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cixGZbFnbbVWFfJGlUv4vLwB1zpDx0b16szMvLa%2BXwX1VPNxe80lc9HUXwI7kcThdpk8YvwaQ3%2F8tkzTgJbAtvmTkueuEFL3EIKyx19r4JP7SW05Yv%2BXdg7vwvpFcdS4Y7BqweXzOsIUcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 84f0056cccf01e6e-FRA

GET
H2 200 all.min.css
gfamedia.org/STATIC/g/libs/fontawesome-6.4.2/css/ 100 KB
23 KB 48ms
17ms Stylesheet
text/css 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/libs/fontawesome-6.4.2/css/all.min.css
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: ZPJT568DRQ4H7T48
age: 749
x-amz-server-side-encryption: AES256
x-amz-id-2: 9HBke8QbShA1p+IXsu9EfwikOaaCNY8Ql5cCXTbu4Vt8pYUiqoJSuwavs9gv93mBUbDamTi/8pU=
last-modified: Fri, 10 Nov 2023 20:04:08 GMT
server: cloudflare
etag: W/"5222e06b77a1692fa2520a219840e6be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgouqKKZfjmmW2u4rS%2FSBd23LU4cVfo0krEaX%2FimIh8oxBDk3osuX1BnBmpGtLVxZntpMBxmBFtTAowI1pfff15JonJz4fO%2FD9Pk1Qvv5HL%2Bz%2BlbnjI6IIHrF06HKoF1bfETWdgwb3VU%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 84f0056cccf11e6e-FRA

GET
H2 200 css
fonts.googleapis.com/ 33 KB
2 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 04:12:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Feb 2024 05:26:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
795 B 36ms
15ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 05:09:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Feb 2024 05:26:46 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 56ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:14:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:14:46 GMT

GET
H2

200

revolution-right-revised-logo.png
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/revolution-right-revised-logo.png
https://gfamedia.org/images/revolution-right-revised-logo.png

12 KB
13 KB

20ms
20ms

Image
image/png

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/revolution-right-revised-logo.png
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef17c8b7111d14d358a18a2810a9421bce529837767eb7bc01dd5b1f176b17e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXGGVJ5CTH9F5YP
age: 2371
cf-polished: status=not_needed
content-length: 12608
x-amz-id-2: vDpzOktXTMcuL+yBKdUzr1JUk+qwdX1jP8YhcNyrQtvqEE/bVSTMUvqFUzpc9j50R4a98kqqgrE=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:40:45 GMT
server: cloudflare
etag: "70bc1dd2ce776b819db25fe02714036f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh7KvkhiIWqq2tXQoGiOtQ9dZv8%2BDUnsJsRnkWgvCyRlpZM2%2F2%2FbPhw9G1kwbSf6CeZY1p9NAJGAKvvSuAybJrVmm9xItaXdxk%2FHdWJJ%2BTzwrpXiIfRPI%2BqT96Mbmb2SUudrb7vqXJVuiA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056cdcfd1e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg5iRcPe%2FWI8ysTOPW4lqX2UaWxVkAQe1BUGL9aj1H8YM95QAAff5o4QaQwtvlbQ0i7CnsK5UedNO9DKTXGCJWLMpdJrV9b6Kj6dxgBKYQlt9brklrQyA2eZyRsvjEKCowhS4KmM7cW%2FwVmIvNI%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/revolution-right-revised-logo.png
cache-control: max-age=3600
cf-ray: 84f0056ccb8f928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2

200

b1-cover.png
gfamedia.org/images/freebook/
Redirect Chain

https://www.gfamedia.org/images/freebook/b1-cover.png
https://gfamedia.org/images/freebook/b1-cover.png

110 KB
111 KB

14ms
14ms

Image
image/png

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/freebook/b1-cover.png
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 442474257b4675b49f8d86a4bfb93fdcb9165e6b0c2104cf1958f28f6f56c66d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: AH2RQZN06RW458HT
age: 1517
cf-polished: status=not_needed
content-length: 112859
x-amz-id-2: itnvyV7MRvNoG8841ttP5e5liOLDJEVVeruGuYjad3VRVPLhBZ1rLoFFHd0v5rG0NMdxqfg/ycg=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:07 GMT
server: cloudflare
etag: "eb51fd09a74cc61b7ca625f188e07100"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gPsqZ1l5KZHKI0BT049tSWi8uL%2FLaqOkf0bnj2cyZemJj8x5TBvmNMi%2BJR1UhlBCTHhJrh2Au%2B3eZWAXNwTlLMH5Uxumy3vYM5EdcpOy53cDg0BcVo9Wtz5w8D08vo90meZ5X90deItLPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056cdcfc1e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ozxml%2FuUAK05gZ0x7%2B%2BGG1eqRnPAk6RT9Fvzt7YDWPnOb7Eew2qLi1YrYWbv0MkY7JbRDqxh70g68LyNdfIkj3tBWc%2Bp37FIaJjTMsh76PS7JC9q18MotpiBGSNm1KfQs0D9YB8KIGYFc9txSY%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/freebook/b1-cover.png
cache-control: max-age=3600
cf-ray: 84f0056ccb8e928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2 200 select-box.js Show response
gfamedia.org/STATIC/g/mygfa/ 674 B
674 B 14ms
14ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/mygfa/select-box.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c1a6d16ae87b8146e0e3892f38d92de07b0dae6e160ee0c687cc196ae5974a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WXJZ114DV4K6KB5A
age: 1518
cf-polished: origSize=1240
x-amz-id-2: UR25Imjt6EW+XligXdtOknSxS+E7lEaFEmq2UlSCDq3J78Gs2UzlO3qxsoWlrcDo4Zvs9raX4so=
cf-bgj: minify
last-modified: Thu, 23 Nov 2017 15:21:47 GMT
server: cloudflare
etag: W/"89d37b99a8e62301aeb86b77c18f6729"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ws2L5%2BoCWgVj6mAQnXHuJYFK%2F34sigr01AfiQyPFCwZeARLAGbp4DEm7WLEw4S4sZgfA3e7pY3RUA0ztWd21aemG9XBI5Eqb%2F6TXCJMhzFQXyRQ2OT0dS8gPPR785rFW7%2FiiGL0DvZLLWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 84f0056e9e9f1e6e-FRA

GET
H2 200 stateful.js Show response
gfamedia.org/STATIC/g/javascript/ 890 B
768 B 14ms
14ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/javascript/stateful.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31f7a778b07135aa43d27e8886f94a69b67dec5345b467ec97ed8d0b77d1a6b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WXJYW266K0V021D9
age: 1518
cf-polished: origSize=2689
x-amz-server-side-encryption: AES256
x-amz-id-2: zKd6BSH5KP/ETo4hH3c0xnNKB6GHHjbkXPzhzHzc2FQlUD3urrAQm/Y0e3GvopAkPIn7IDt4yRU=
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 20:02:11 GMT
server: cloudflare
etag: W/"4cbb18dd140a21ded0945999dbea92a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pnn%2BOQHrJiaQb0kQW950vHjExbjuIfJq0sSuTwdaHrJqEyeS91ULsCokfvCfzHVKl0j4D3tGPNmGheJU9dkxWSC5lbRh93oEQh3O169O7L8UREni%2FMJWID9gVtG87sTCQeYbexDpReTQNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 84f0056edebd1e6e-FRA

GET
H2 200 logo-facebook.png
gfamedia.org/STATIC/g/freebook-2011/img/ 956 B
1 KB 12ms
12ms Image
image/png 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/STATIC/g/freebook-2011/img/logo-facebook.png
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f36883c2e166774062b72e993c6b785d14eec694e57fdb54c2a53efae4cc799

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXQYZCFH7CA2YPZ
age: 1518
cf-polished: origSize=1752
content-length: 956
x-amz-id-2: /L6WV3NSNDLLc7BL9vdMxWlmobeNKuTLetnBV+3HmWE08OS2oUe1QTOtExoelMoiUQCDPVUoRxk=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2017 15:22:17 GMT
server: cloudflare
etag: "5fa1c31e95b879e530a17285bc5db5b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHTTdGyOQjv3u41QFb4R2gdrj6txdjJ31bbbwoEo%2Br5HuUcbnZfcIqmzEIBzi6M9oXyavNC6crJNAgN6h4LTOGkLcy%2BMHuEtyvuKmcP5lDh99vL7DnEeRPKTtcnBuuyOb72VnoXKCc60lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056cfd231e6e-FRA

GET
H2 200 logo-twitter.png
gfamedia.org/STATIC/g/freebook-2011/img/ 1 KB
1 KB 12ms
12ms Image
image/png 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/STATIC/g/freebook-2011/img/logo-twitter.png
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fe667e13a8e25273e579f3a6e7e2b6cf92aa91c2b09c967d46863b380f840be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXN66WK54REK4S4
age: 1518
cf-polished: origSize=1643
content-length: 1025
x-amz-id-2: ZnW9Slk5OSr1JLlwKwaK0F85aXXsCF/6ImWuWmPT9NYWZiryGOs+0pWfgzVx0CSa9Xt4pxdgSXM=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Nov 2017 15:22:24 GMT
server: cloudflare
etag: "434cd8e7a039aac3aaf977ccf0d62833"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Khjb3F56jrd85vlDAatd7lgthXQOpw5mrInwEdbMmdMkVnbcVo6T53rhCWCnVbAsR2H3N6CSviwVoDcKR6zDshB6q9HUMCsxp5p6ZVZtmz8SyPSgdUDRnzaqMFKj%2BAQgsWhjtM6zELYboQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056cfd241e6e-FRA

GET
H2 200 ajaxform.js Show response
gfamedia.org/STATIC/g/javascript/ 817 B
971 B 18ms
18ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/javascript/ajaxform.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f208dad298f08a3528e3bed0b38cbfbccd173f4845db8421e826b92064d1c279

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: S2DETDKRT41QD3DW
age: 427
cf-polished: origSize=1238
x-amz-server-side-encryption: AES256
x-amz-id-2: l+7RYWx8lcWwnnz01hwvbAc/PgGGjgW8g2X2QrhdJdjxilUOHMGhKwoh1y7ouyq7uR1bZ2fWvg4=
cf-bgj: minify
last-modified: Tue, 07 Nov 2023 20:02:15 GMT
server: cloudflare
etag: W/"3f1e3b55b5c33e1746144d7a0d33adf8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0DzUCOAoMdr15MKJUnMGyjqGKqoGX5%2BAy39zruUifxcEspqFAlU2rWnkxsX19aJL%2FmJfWmALWLAxnQE4CCfLR2V7i%2F31d93PcejRmZYX2jmrOhGZaHjJTm0xo852Y3ykT7Jm7BKBcoOrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 84f0056d1d351e6e-FRA

GET
H2 200 zipcodemagic.js Show response
gfamedia.org/STATIC/g/javascript/ 2 KB
1 KB 747ms
718ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/javascript/zipcodemagic.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d809dbbefde978845fdbb27d8a74c0a9f2c0329df1c336abbd9894d90a82f90f

Request headers

Referer: https://www.gfa.org/
Origin: https://www.gfa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:47 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: J65W8SFF97R6SCT3
cf-polished: origSize=2413
x-amz-server-side-encryption: AES256
x-amz-id-2: g7lWp+Uj9MHivhwaoRp1SJGv7w/yCENa7Mtiay1Vy48n0jm4zMQcvIhqY/MXbIqWxGeivg0wNfA=
cf-bgj: minify
last-modified: Mon, 29 Jan 2024 20:03:31 GMT
server: cloudflare
etag: W/"54fbc73e969cf33e5e98792a4aed14d8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BqGPNclKIpYcp1vdi%2Bns%2BSIhMR%2Bol2jIOLRIuneKGbXGwrE%2BOUC4cqkUZF0SGOMPJ4HS7cye5vbPNhnhkrSRAIS5adysrqsx8sS38mCJC3gzXjXId82LdFk6zCBOqT4yr8WwVza%2BJ8j0RA%3D%3D"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=86400
cf-ray: 84f0056ccca79231-FRA

GET
H2 200 international-dropdowns.js Show response
gfamedia.org/STATIC/g/javascript/ 914 B
642 B 13ms
13ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/javascript/international-dropdowns.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 594e7d9cb00a2c0cde3ad2104ea9492e2c2d7aeb04210a62269714b82571fea7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXZGPRSP0HYPW0Z
age: 6004
cf-polished: origSize=1125
x-amz-id-2: zjZHq11QYn5HiaY0S5r3Duj5gr3kr6OKu4mu1VDSNjactRRMqjxDZjOkmduErTyVkaWpEFztXDo=
cf-bgj: minify
last-modified: Thu, 23 Nov 2017 15:14:28 GMT
server: cloudflare
etag: W/"2cf8bec2b46e69ce262c7a38901068c3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srU2Qp4SliP4fVwnPGOP4UZDyLFrVbaHucZVv0uvy9SpGpYYXKWI%2Fe01RfDJ7IaumNeiptCWkoFYmoMqRGDQeIQT0AJbkUKOtmqMi63mYa4rTouPf%2BkHYsuUjFvmbdzWG6IsUEHZVExusQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 84f0056d1d361e6e-FRA

GET
H2 200 scrollto.js Show response
gfamedia.org/STATIC/g/javascript/ 702 B
743 B 15ms
14ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/javascript/scrollto.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f98a1459acb272898b871033eeaf5b0ed9df077ac05a78726c216690b566181c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: RJMZRWE4RCE628A7
age: 6004
cf-polished: origSize=1040
x-amz-id-2: mRPRPfVKrJEnUui7ypfV+8VwG+bmBNB+x4xZYlw2pO1VmcySVT+eJMJx0T5KQThfzzqaZcKZbuE=
cf-bgj: minify
last-modified: Thu, 23 Nov 2017 15:14:34 GMT
server: cloudflare
etag: W/"2862e27c6f93387db7749ead4ac1952a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4RBXxL8AE2Im0EmKGLRRfk7emneRR2nzxRwLqms3ZgTIs8nTyf98HZ7o9sMBCcQPw%2BGhjXwRMAADQfYv6rkNcPXMl7FIM6P%2BZfW537PtY2x9yTsWwtjl%2BcpofFoBVaDGarbcW2kmANw4gQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 84f0056d2d481e6e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 302 KB
100 KB 48ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P3KH8P6

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

960a9a97eebb5313c6553e4079991ac1bd078ce38b30f2a5020dc1c4972f8ca5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102322
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 05:26:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 214 KB
58 KB 42ms
15ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 05:26:46 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57202
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: sV0KZk1zS0Zz8h4mN+JrJJXWOyoVMfQO/XtSDQ/ORabmyf5BQIbt+kcVPlBcH3yheNY694p42m0iN8S0gv6UJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 select-box.js Show response
gfamedia.org/STATIC/g/mygfa/ 674 B
526 B 12ms
12ms Script
application/javascript 2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gfamedia.org/STATIC/g/mygfa/select-box.js
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96c1a6d16ae87b8146e0e3892f38d92de07b0dae6e160ee0c687cc196ae5974a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WXJZ114DV4K6KB5A
age: 1518
cf-polished: origSize=1240
x-amz-id-2: UR25Imjt6EW+XligXdtOknSxS+E7lEaFEmq2UlSCDq3J78Gs2UzlO3qxsoWlrcDo4Zvs9raX4so=
cf-bgj: minify
last-modified: Thu, 23 Nov 2017 15:21:47 GMT
server: cloudflare
etag: W/"89d37b99a8e62301aeb86b77c18f6729"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xv7Qu277rxaTZm9AWsXXUL2ToHWWQ1QZDZBw8z67%2FArzA5trVCS4%2BuIkGiSO7bzbHT7n6yzoBducrbvga3xj0qT0ZzFWWw7kBMK3fgbSWfHMxZ5XtH8gQlIu8JrczDUo%2Bsq39mLm0OW9oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 84f0056edebe1e6e-FRA

GET
H2

200

freebook-footer-bg.jpg
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/freebook-footer-bg.jpg
https://gfamedia.org/images/freebook-footer-bg.jpg

3 KB
3 KB

13ms
13ms

Image
image/jpeg

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/freebook-footer-bg.jpg
Requested by: Host: gfamedia.org
URL: https://gfamedia.org/STATIC/g/freebook-adaptive/main.css
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f93e73ff9b53cb124a7fb64b1d427b5795b83c1ccf9e63c751f636f1dec70c23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfamedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXVR6333916K407
age: 1517
cf-polished: degrade=85, origSize=3084
content-length: 2627
x-amz-id-2: coVY4SgUIc/FWyOr9dMkjgwR7haJwTmY2+5QhM1tdZCdphczcRbE+Vjinxydk9lv4dHWtja+9lU=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:07 GMT
server: cloudflare
etag: "093fe65853b60ae24f721491ebd32914"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JERfCLYXt%2FWwKlZ38n67n2jfPf8X4yoeNMdUrre%2FxtAAg81bOF%2Bup9%2FGgZ3i3xeadZc5ThNAoXdPoHcfQjeRVB1lWgV3%2FMpHNYemC0Vzdx8Ims151H2KIegXb3ldMWv9inf9ukO6D%2F%2Fjbw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056eeed61e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7K%2FwAVPgWcbCAfazsn5LQ5GZNoougWE53tpOa6u%2BJ8%2BeZ2FrA7RPHhNmet0z7YaTAofMxQ6n2kj9w9eNFsG7kVx70WxU1W6NBHT7Vm6mJ%2FDO7%2FvbFGzJ%2FBh9d5AoJYd7ES02jywqWcskBgC%2FcvA%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/freebook-footer-bg.jpg
cache-control: max-age=3600
cf-ray: 84f0056edc93928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2

200

freebook-header-bg.jpg
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/freebook-header-bg.jpg
https://gfamedia.org/images/freebook-header-bg.jpg

4 KB
4 KB

14ms
14ms

Image
image/jpeg

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/freebook-header-bg.jpg
Requested by: Host: gfamedia.org
URL: https://gfamedia.org/STATIC/g/freebook-adaptive/main.css
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c81c03c7164b0d7fa8c2b8cc27f39529e1169da1c28a8518831796bcd0456c64

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfamedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXHEJZXXD7YSXC8
age: 1517
cf-polished: degrade=85, origSize=3963
content-length: 3669
x-amz-id-2: ZLPXeFDaGQFbTVwMVBAn+PB1+aNaPMZwSlx0tjBNamMWzehp+pPT/sgKNEnQMzSaR+yM7V3Zn2E=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:07 GMT
server: cloudflare
etag: "01895086c9e4c47eb76389d00375ee51"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pouts6v4%2FTAZivMIrTEzlzxkTZDS%2FcED60jBGEL2%2FxACYW3p65DJ6JrpBvGHf54Xf%2BqeGuDhkmb1yGGsNtXR%2Fy97V1GKB2%2Fjt%2BjpEN9Jnqoolvr7mSdEo1gbjyCOHi3YjuFU8RiHRb4QTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056eeed51e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kBByhYTGuZTsg019TYhNBOC%2FubyPUPgZDqXDS4dOvz%2BnIN27lI3I%2BChMQoxv6cwGFxQUNIthU0vYaTQzIIOl8xKIbE%2FNa%2BAVmm7Ro36ypg9OwahRzGclb4PmTV%2BzN7q4cEIxS8gSIgSEr2575mU%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/freebook-header-bg.jpg
cache-control: max-age=3600
cf-ray: 84f0056edc94928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2

200

freebook-body-bg2.jpg
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/freebook-body-bg2.jpg
https://gfamedia.org/images/freebook-body-bg2.jpg

1 KB
2 KB

15ms
15ms

Image
image/jpeg

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/freebook-body-bg2.jpg
Requested by: Host: gfamedia.org
URL: https://gfamedia.org/STATIC/g/freebook-adaptive/main.css
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a452a13b973af9a846d70fb808d5fc9949a74013424467b5bb7e320839b29815

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfamedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXN58VTXBYQYPD4
age: 1517
cf-polished: degrade=85, origSize=1635
content-length: 1467
x-amz-id-2: TyZFd6eiTuanfJfEoUtxXAscKuU9wLQu334lGMOB2+Au5jCOGXAbyHATVEOJWMq6PUMIlUKhJmc=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:07 GMT
server: cloudflare
etag: "f8d68e8913fc1b8f9ab6934839553b52"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qOcRZ5%2FX6X%2Bqw76iKr%2B3PZysuGDWXRfyc3u3hvyS9R4ijPgQcdHMof61mTzStAu%2FC%2FrRUb%2FQ4xIpR69o7KXNP9yhl7bC1SKFuR1tBI81tMWos9RKCR4iuSCRw2Vx7oKxRlgTH4FU1lDBhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056eeed71e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FdA4ba7zfoRoSDI79btDKzPK6H5elV5XcUDlblPvBrQALuKMCSElg1GhsYcmnHRH6AcDlbF4AjZp88u7fQKhVNAfflG%2FekRhxQYbDcpSunOw1XpcDj%2BHG145FiIAaL1uBfBYFv%2FQI47lc915l0%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/freebook-body-bg2.jpg
cache-control: max-age=3600
cf-ray: 84f0056edc95928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2

200

freebook-body-bg.jpg
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/freebook-body-bg.jpg
https://gfamedia.org/images/freebook-body-bg.jpg

3 KB
4 KB

16ms
16ms

Image
image/jpeg

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/freebook-body-bg.jpg
Requested by: Host: gfamedia.org
URL: https://gfamedia.org/STATIC/g/freebook-adaptive/main.css
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5209a22c9b917daf925c582f39bfa5577724d79116fdb7f03eaa8c948a53480a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfamedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXMR1WB8ZWKKAEN
age: 1517
cf-polished: degrade=85, origSize=3420
content-length: 3148
x-amz-id-2: HM83wNrcObUcenRtomUZzbeM2q5SXDrWVd2l2MtqEdWvc/bvpM0hGBks7ZsT2pV5VDGwwotYrU8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:07 GMT
server: cloudflare
etag: "cacc7af7df9f90151bde9fbf7221fb1a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bao%2Buq1%2FKA62%2F73suedsVmuAy1B3usjp7hLSHuWChmHiwtyJZdMlDhpCIKI96%2F9bQNpEsDZM9tpVlaPQZXTCiY7lTVV55nBWxpGcF6U1HbU5JPNTROCLrJfsBMhaaFSPSeQI%2FpmWxSeT9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056eeed81e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVv87P8Zuimany7o4IqTEOIpuiNq6FfkXIGbNwfoEy1gCnwugZRHolBoleP8l3D6Y19dO1vyCie0Oybsa9EXb3bmJMyQ9YYwTeWw6dFJSzkBTHD%2B0u0vNzrsTpxy1xMkYT6u58NX4BC%2FcG%2FN8Mc%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/freebook-body-bg.jpg
cache-control: max-age=3600
cf-ray: 84f0056edc97928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2

200

glyphicons_halflings_113_thin_bottom_arrow_grey.png
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/glyphicons_halflings_113_thin_bottom_arrow_grey.png
https://gfamedia.org/images/glyphicons_halflings_113_thin_bottom_arrow_grey.png

122 B
562 B

14ms
14ms

Image
image/png

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/glyphicons_halflings_113_thin_bottom_arrow_grey.png
Requested by: Host: gfamedia.org
URL: https://gfamedia.org/STATIC/g/css/dforms.css
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa4040143cfff2e70a35d94593f19f32fdccbadfe25e379e0d3e68b01854d8d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfamedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QPXMNQE6WX6B9CHT
age: 1517
cf-polished: origSize=228
content-length: 122
x-amz-id-2: V+Qidn8TuyExCYqSZ6nidJuxewhf4VuH3BBJrNd4+hhw9rgrsZTa0sM499GeyOPmLaUNch0Oc6g=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:49 GMT
server: cloudflare
etag: "65582b1ae60f364d74dd20e86686990f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R6R2LIjIAgeDZrzmZZMhCCsuqENEuYTxzUjoANqcy3gTzuZyUaRZOnNRq0b6zbofgrlBWxaZXVPJXkmquK04Yo0obSBg%2Fv87l%2FRFGMXXI5MdGhlDY89Mlhb5nLjMZoHHKXZ%2F3%2BUj8zKSlA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056eeed91e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ITALzy4AOUtedbZY0Iz0buoTk4j2B5ivL3RZrOtWzufqEnsQgFVOP%2FsnAIECLubDELXGmMVQFpiNz%2FpdiGhr6m9a8KAhJs7TTq6%2B1rUgY5JvpsKk50dz6O%2BQS%2B7csLTMDrmkZqHo6dWulg%2BWDdo%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/glyphicons_halflings_113_thin_bottom_arrow_grey.png
cache-control: max-age=3600
cf-ray: 84f0056edc98928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2

200

freebook-footer-bg-crown.jpg
gfamedia.org/images/
Redirect Chain

https://www.gfamedia.org/images/freebook-footer-bg-crown.jpg
https://gfamedia.org/images/freebook-footer-bg-crown.jpg

4 KB
4 KB

17ms
16ms

Image
image/jpeg

2606:4700:20::681a:324
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gfamedia.org/images/freebook-footer-bg-crown.jpg
Requested by: Host: gfamedia.org
URL: https://gfamedia.org/STATIC/g/freebook-adaptive/main.css
Protocol: H2
Server: 2606:4700:20::681a:324 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35056163a93c5528f3a085138e7e5ad0a22f97a06109c6cfc9111e63906d58cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gfamedia.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4MNVC0QVJNFSEX6P
age: 1517
cf-polished: degrade=85, origSize=4356
content-length: 3624
x-amz-id-2: 00VjPz4qNAa6YlWgJ1lNrr73/7H2hph11C9RDHxoFBg43JwDx88LNtZUtp2D17Zbrs4JA6baXlw=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 31 Oct 2017 13:37:07 GMT
server: cloudflare
etag: "aa77b8836ea201702ab43ae44083b3b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NT%2FvrpplBnur0x0SsKI2CSchWGsOJ3o2Cz4pA3i2J03XhivTjZaq8qu35I7TZbyYzG3ukDS%2B6RzLmQyuDK5pxKxM9jlWuhOMGUtHeGGKxWHmhOGcWXoy57aHJLClrOmhQX0DvhIxxmsbOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 84f0056eeedb1e6e-FRA

Redirect headers

date: Fri, 02 Feb 2024 05:26:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3f%2B2LMN8tX9eYgEf%2FgEdTaX3vTEBFp%2FX5G3V64IOpRBUB4y0rPgYUByyo0cYQ5qRii5qesS0aIGnOeurNQUPqtNubZsaP1xw%2Bd%2Fflk8OJSrC4j2pfsufnDNzpwjjohipWo%2BG5MIKdPhRLI6fvk%3D"}],"group":"cf-nel","max_age":604800}
location: https://gfamedia.org/images/freebook-footer-bg-crown.jpg
cache-control: max-age=3600
cf-ray: 84f0056edc99928f-FRA
expires: Fri, 02 Feb 2024 06:26:46 GMT

GET
H2 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2
fonts.gstatic.com/s/droidserif/v19/ 25 KB
25 KB 39ms
18ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gfa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 13:02:15 GMT
x-content-type-options: nosniff
age: 231871
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25980
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:47:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 13:02:15 GMT

GET
H2 200 tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2
fonts.gstatic.com/s/droidserif/v19/ 23 KB
23 KB 36ms
15ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v19/tDbX2oqRg1oM3QBjjcaDkOr4lLz5CwOnSA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Serif:400,700,400italic,700italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gfa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:22:12 GMT
x-content-type-options: nosniff
age: 252274
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23520
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:16:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 07:22:12 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,600italic,700italic,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.gfa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:10:32 GMT
x-content-type-options: nosniff
age: 209774
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:10:32 GMT

GET
H2 200 5214.js Show response
script.crazyegg.com/pages/scripts/0012/ 6 KB
2 KB 63ms
16ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0012/5214.js?474125
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea2b3e81abda845f3429f4cb0d5ac6a81c143c61fb3c5c4a5ccad1474436ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13882
cf-polished: origSize=6112
ce-version: 11.5.181
cf-bgj: minify
last-modified: Fri, 02 Feb 2024 01:35:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 84f0056f4fef1961-FRA

GET
H/1.1 200
OK 5214.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0012/ 309 B
820 B 50ms
16ms Script
application/x-javascript 18.66.242.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0012/5214.js?474125
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.242.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-242-7.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2f256ac3fe5685ecddad24da3438edc567aefc20bb5d12781cd2c1d222a0f19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 09:48:43 GMT
Via: 1.1 cd8cc1ff175a63c59feeb56bb3687766.cloudfront.net (CloudFront)
Last-Modified: Tue, 03 Mar 2020 19:05:13 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-P1
Age: 416284
ETag: "165127d049d9d2354b002bb713014506"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 309
X-Amz-Cf-Id: kgRS0KKAebmZ7mLvSsPgRWgCTWAyVpk20tnDvqpzIls3IPQ_RTW1Ag==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
94 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-EXEPCWTR81&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3KH8P6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c298f4c4962fc999bb4d14a56c8e138350204d28500bb509ec58e8edf81ead4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 95969
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 05:26:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
82 KB 28ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PBJS7YH2H9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P3KH8P6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da707b037bb2d2ad5cb9f627a139865ccc5bd32e9191749bbf3f6a81622e14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 83602
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 05:26:46 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 54ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 02 Feb 2024 05:26:46 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 49FE9101C17D463FA4D5F7CBDBB05022 Ref B: FRAEDGE1708 Ref C: 2024-02-02T05:26:46Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 9m4bny105z Show response
www.clarity.ms/tag/ 1018 B
1 KB 145ms
101ms Script
application/x-javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9m4bny105z?ref=gtm2
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f7af302ea383a3588a3e3b86464ae444368cd1df5de81b9aaec8949f46ac74e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: -1
date: Fri, 02 Feb 2024 05:26:47 GMT
x-azure-ref: 20240202T052646Z-urc3dxxsdt53d9txx5cd9dhhzg00000001bg000000006t16
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1018
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 1400103660296134 Show response
connect.facebook.net/signals/config/ 61 KB
13 KB 345ms
345ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1400103660296134?v=2.9.144&r=stable&domain=www.gfa.org&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1073003f78c62759b997e41f21ba2383686b8beda196c4fe43b4e3134b5a4e38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 05:26:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: xgfHpcFZZysS2y6kdICiFp2CMpHXKvFPAaJVWggIm4oZtMOmXuobIn2IQdkrVz9v0OYpbdvImjJv6vElBjAnJw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 www.gfa.org.json Show response
script.crazyegg.com/pages/data-scripts/0012/5214/site/ 5 KB
2 KB 33ms
20ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0012/5214/site/www.gfa.org.json?t=1
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/5214.js?474125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efb120c78104205b3314371e5f5e499da010f9b6b1289444554e7b422c0c89ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13943
ce-version: 11.5.181
content-length: 1838
last-modified: Fri, 02 Feb 2024 01:34:23 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f0056f7a029bdc-FRA

GET
H2 200 5214.js Show response
script.crazyegg.com/pages/scripts/0012/ 6 KB
2 KB 15ms
15ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0012/5214.js
Requested by: Host: dnn506yrbagrg.cloudfront.net
URL: https://dnn506yrbagrg.cloudfront.net/pages/scripts/0012/5214.js?474125
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ea2b3e81abda845f3429f4cb0d5ac6a81c143c61fb3c5c4a5ccad1474436ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:46 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 13882
cf-polished: origSize=6112
ce-version: 11.5.181
cf-bgj: minify
last-modified: Fri, 02 Feb 2024 01:35:24 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
cf-ray: 84f0056f68041961-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
252 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-EXEPCWTR81&gtm=45je41v0v874899101z8830163628za200&_p=1706851606501&_gaz=1&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=823225293.1706851607&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706851606&sct=1&seg=0&dl=https%3A%2F%2Fwww.gfa.org%2Foffer%2Ffreebook%2F&dt=Free%20Christian%20Book%20-%20Revolution%20in%20World%20Missions%20-%20GFA%20World&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&tfd=1419
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EXEPCWTR81&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 05:26:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 56ms
19ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EXEPCWTR81&cid=823225293.1706851607&gtm=45je41v0v874899101z8830163628za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EXEPCWTR81&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 05:26:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 38ms
18ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EXEPCWTR81&cid=823225293.1706851607&gtm=45je41v0v874899101z8830163628za200&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&npa=0&z=1603958048

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 05:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fe0cd9e3e34eb8a86f099c31f796da84.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 95 KB
31 KB 17ms
17ms Script
text/javascript 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/fe0cd9e3e34eb8a86f099c31f796da84.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0012/5214.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62cb4d4f5d117898a64badb37c22301182c3af7b45b87d26d55d580de4263638

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:47 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 26 Jan 2024 11:24:03 GMT
server: cloudflare
age: 57289
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f0056fb84e1961-FRA
content-length: 31561

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 34ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PBJS7YH2H9&gtm=45je41v0v9131040127z8830163628za200&_p=1706851606501&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=823225293.1706851607&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706851607&sct=1&seg=0&dl=https%3A%2F%2Fwww.gfa.org%2Foffer%2Ffreebook%2F&dt=Free%20Christian%20Book%20-%20Revolution%20in%20World%20Missions%20-%20GFA%20World&en=page_view&_fv=1&_ss=1&tfd=1433
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PBJS7YH2H9&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 05:26:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.gfa.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 56347044.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 29ms
29ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/56347044.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9cc17881fc6c9f5a866a15e30530eedc116e184629cca71e323e9d7245f9d1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Fri, 02 Feb 2024 05:26:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A5A1C626DD274F4BAB645A56FE0E1FB4 Ref B: FRAEDGE1708 Ref C: 2024-02-02T05:26:47Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ 0
285 B 33ms
33ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=56347044&Ver=2&mid=02aee278-a148-482c-bd6b-d7c56d3e35bb&sid=a8b48d30c18b11ee816943f590d2190f&vid=a8b48c10c18b11ee8628915b249e774d&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Free%20Christian%20Book%20-%20Revolution%20in%20World%20Missions%20-%20GFA%20World&p=https%3A%2F%2Fwww.gfa.org%2Foffer%2Ffreebook%2F&r=&evt=pageLoad&sv=1&rn=840315

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 02 Feb 2024 05:26:46 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 952E587834E64507A79D8C50783D826D Ref B: FRAEDGE1708 Ref C: 2024-02-02T05:26:47Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www.gfa.org.json Show response
script.crazyegg.com/pages/data-scripts/0012/5214/sampling/ 152 B
260 B 204ms
204ms XHR
application/json 2606:4700::6813:9308
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0012/5214/sampling/www.gfa.org.json?t=474125
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/fe0cd9e3e34eb8a86f099c31f796da84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c64253aa01afccf46d7bbc8d2a7f610df11bdb8f3a06e7bb6ec3f27fdd20a16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:47 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Fri, 02 Feb 2024 05:26:47 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/json
ce-version: 11.5.181
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f0056fea589bdc-FRA
content-length: 144

GET
H2 200 56347044 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 98ms
98ms Script
application/x-javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/56347044
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/56347044.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6516c5ab25ca744620a3ec5ef082f307ee5ab61a5da1b7fe94843998cec5d869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

expires: -1
date: Fri, 02 Feb 2024 05:26:47 GMT
x-azure-ref: 20240202T052647Z-urc3dxxsdt53d9txx5cd9dhhzg00000001bg000000006t1f
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1246
request-context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.20/ 60 KB
25 KB 21ms
21ms Script
application/javascript 2620:1ec:46::62
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.20/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9m4bny105z?ref=gtm2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::62 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:47 GMT
content-encoding: br
last-modified: Wed, 24 Jan 2024 14:33:55 GMT
etag: W/"0x8DC1CE97EB406F9"
vary: Accept-Encoding
x-azure-ref: 20240202T052647Z-urc3dxxsdt53d9txx5cd9dhhzg00000001bg000000006t1m
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 75032ae9-e01e-0071-44d3-54c8f0000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H2 200 healthcheck Show response
pagestates-tracking.crazyegg.com/ 19 B
463 B 47ms
10ms XHR
application/json 18.66.248.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pagestates-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/fe0cd9e3e34eb8a86f099c31f796da84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-47.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 20 Sep 2023 01:43:28 GMT
via: 1.1 c114c55bb579a01518cf64c447d45272.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 11677400
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: KXYSbSpNYCg_sYypIS9DNd3fBdxGMzv4vKvG534hrY3cnUprsIdXOw==

GET
H2 200 healthcheck Show response
assets-tracking.crazyegg.com/ 19 B
464 B 39ms
6ms XHR
application/json 18.66.122.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets-tracking.crazyegg.com/healthcheck
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/fe0cd9e3e34eb8a86f099c31f796da84.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-72.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:00:49 GMT
via: 1.1 1d087f24771eb6834b16162f1bb01660.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P2
age: 14433959
x-cache: Hit from cloudfront
content-length: 19
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
server: AmazonS3
etag: "d06f04fccf68d0b228a5923187ce1afd"
access-control-max-age: 31536000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
accept-ranges: bytes
x-amz-cf-id: ZHRFVNpNWlX8Y3wJbhtNuUZ8ENZP0wXfCRF-yS53y0C38yo9YJLfvw==

GET
BLOB 200
OK f08fb2dc-0302-4fbe-b2e7-db3d1fefe11d
https://www.gfa.org/ 45 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gfa.org/f08fb2dc-0302-4fbe-b2e7-db3d1fefe11d
Requested by: Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 45
Content-Type: text/javascript

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 410ms
191ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.gfa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.gfa.org
Date: Fri, 02 Feb 2024 05:26:47 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 fetch.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fetch/3.6.2/ 10 KB
3 KB 29ms
15ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fetch/3.6.2/fetch.min.js

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36cf9a2fc1d1b294b3247629977118945754a9b02dd44ff5df3a1e1c3b503dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gfamedia.org/
Origin: https://www.gfa.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 05:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1771330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2824
last-modified: Sat, 27 Feb 2021 21:48:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "603abe25-2837"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvxdpXC0%2FAoTYmSgV0JZqYGlfLwVWWaVU9MUeP2t5MnrTg3AXZEa9Q43aHwUCkt9afjhdfdMxhbDTj%2Bufq%2F2BkWNSDBkX8vUNRpi0m8rv0aT0i6%2BbqSZ3peN0Dd7Xp9%2FDRGLOUPphjKsGys8Uqfj7N0R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f005716cb865ac-FRA
expires: Wed, 22 Jan 2025 05:26:47 GMT

GET
H2 200 clock Show response
tracking.crazyegg.com/ 29 B
136 B 140ms
54ms XHR
text/plain 54.194.182.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.crazyegg.com/clock?t=1706851607292&tk=626fc1e3a9211059b596731c91fd7f8a&s=37002&p=%2Foffer%2Ffreebook%2F&u=125214&v=fbdaff0de41845c2a1257080b564e88474865bfd&f=gfa.org%2Foffer%2Ffreebook&ul=https%3A%2F%2Fwww.gfa.org%2Foffer%2Ffreebook%2F
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/common-scripts/fe0cd9e3e34eb8a86f099c31f796da84.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.182.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-182-162.eu-west-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: a149af0b5d1371e8432ea4f8c2203f7c715cc9f473ea6e6f8ce7f3e3cef0cd61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 05:26:47 GMT
cache-control: no-store
server: awselb/2.0
content-length: 29
content-type: text/plain

GET
H3 200 493991537614221 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 55ms
55ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/493991537614221?v=2.9.144&r=stable&domain=www.gfa.org&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99%2C173%2C172%2C174%2C179%2C180%2C181%2C177%2C169%2C115%2C117%2C168%2C170%2C106%2C135%2C128%2C131%2C112%2C164%2C204%2C100%2C110%2C205%2C142%2C104%2C126%2C119%2C107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b32cb82acfdfb991814510589c013cf6a1e7b0c55cb4edd12f1a275300d56ee5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=()
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 02 Feb 2024 05:26:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0"
pragma: public
x-fb-debug: xSLpUwhmc4yAh7/1Ah/bHpUIfCWSL9wS45my3uPKtyK0i24WgHuASfeLEITLXpPDT1gW2z4nJoZng29eGHteOg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 22ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1400103660296134&ev=PageView&dl=https%3A%2F%2Fwww.gfa.org%2Foffer%2Ffreebook%2F&rl=&if=false&ts=1706851607359&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.1.1706851607357.947382376&cs_est=true&ler=empty&cdl=API_unavailable&it=1706851606936&coo=false&exp=e1&rqm=GET

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Feb 2024 05:26:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 22ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=493991537614221&ev=PageView&dl=https%3A%2F%2Fwww.gfa.org%2Foffer%2Ffreebook%2F&rl=&if=false&ts=1706851607360&sw=1600&sh=1200&v=2.9.144&r=stable&ec=0&o=4126&fbp=fb.1.1706851607357.947382376&ler=empty&cdl=API_unavailable&it=1706851606936&coo=false&exp=e1&rqm=GET

Requested by

Host: www.gfa.org
URL: https://www.gfa.org/offer/freebook/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 02 Feb 2024 05:26:47 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=23C7D6AC59FA4FE0A63E714125B998A8&RedC=c.clarity.ms&MXFR=0375A4CF47F6631A2AEEB0D643F66DB2
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=23C7D6AC59FA4FE0A63E714125B998A8&MUID=2C6A93AB0C336A4F150387B20D336BD2

42 B
442 B

29ms
28ms

Image
image/gif

68.219.88.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=23C7D6AC59FA4FE0A63E714125B998A8&MUID=2C6A93AB0C336A4F150387B20D336BD2
Protocol: H2
Server: 68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gfa.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 05:26:47 GMT
last-modified: Wed, 10 Jan 2024 21:11:32 GMT
server: Microsoft-IIS/10.0
etag: "d765ee95944da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 05:26:47 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DCC6E427B5834D3883930CE8E97B967C Ref B: FRAEDGE1708 Ref C: 2024-02-02T05:26:47Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=23C7D6AC59FA4FE0A63E714125B998A8&MUID=2C6A93AB0C336A4F150387B20D336BD2
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
BLOB 200
OK 5ab6774f-516a-4422-b478-34f24052e01a
https://www.gfa.org/ 241 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.gfa.org/5ab6774f-516a-4422-b478-34f24052e01a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d83af1fa5b58450dbbc78622fd6d8641b957045fb7db2244020d21f9c59ae643

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 241
Content-Type: text/javascript

POST
H/1.1 204
No Content collect Show response
w.clarity.ms/ 0
291 B 95ms
95ms XHR
text/plain 23.96.124.156
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://w.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.20/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.96.124.156 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.gfa.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.gfa.org
Date: Fri, 02 Feb 2024 05:26:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.gfa.org/	1970-01-21 02:51:41	Name: csrftoken Value: iOGQ2ORwDLYWM9YiOfyltuInFiV6NogA
.gfa.org/	1970-01-20 22:26:43	Name: optimizelyEndUserId Value: oeu1706851606827r0.11435460429802413
.gfa.org/	1970-01-20 22:26:43	Name: optimizelySegments Value: %7B%22171952851%22%3A%22direct%22%2C%22172037634%22%3A%22false%22%2C%22172196679%22%3A%22gc%22%7D
.gfa.org/	1970-01-20 22:26:43	Name: optimizelyBuckets Value: %7B%7D
.gfa.org/	1970-01-20 18:07:31	Name: optimizelyPendingLogEvents Value: %5B%5D
.gfa.org/	1970-01-20 20:17:07	Name: _gcl_au Value: 1.1.1137929416.1706851607
.gfa.org/	1970-01-21 03:43:31	Name: _ga_EXEPCWTR81 Value: GS1.1.1706851606.1.0.1706851606.60.0.0
.gfa.org/	1970-01-21 03:43:31	Name: _ga Value: GA1.1.823225293.1706851607
.gfa.org/	1970-01-21 03:43:31	Name: _ga_PBJS7YH2H9 Value: GS1.1.1706851607.1.0.1706851607.0.0.0
.gfa.org/	1970-01-20 18:08:58	Name: _uetsid Value: a8b48d30c18b11ee816943f590d2190f
.gfa.org/	1970-01-21 03:29:07	Name: _uetvid Value: a8b48c10c18b11ee8628915b249e774d
.bing.com/	1970-01-21 03:29:07	Name: MUID Value: 2C6A93AB0C336A4F150387B20D336BD2
www.clarity.ms/	1970-01-21 02:53:07	Name: CLID Value: 8a0ed19ab008442daa16ef13463ec2cb.20240202.20250201
.gfa.org/	1970-01-21 02:53:07	Name: _clck Value: rn5f5g%7C2%7Cfix%7C0%7C1493
.gfa.org/	1969-12-31 23:59:59	Name: _ce.irv Value: new
.gfa.org/	1969-12-31 23:59:59	Name: cebs Value: 1
.gfa.org/	1970-01-20 18:08:58	Name: _ce.clock_event Value: 1
.gfa.org/	1970-01-20 20:17:07	Name: _fbp Value: fb.1.1706851607357.947382376
.gfa.org/	1970-01-20 18:08:58	Name: _ce.clock_data Value: 34%2C146.70.117.69%2C1%2C1a43c5a595e6acc2c81f3001d0e137e1
.gfa.org/	1969-12-31 23:59:59	Name: cebsp_ Value: 1
.gfa.org/	1970-01-21 02:53:07	Name: _ce.s Value: v~fbdaff0de41845c2a1257080b564e88474865bfd~lcw~1706851607438~lva~1706851607233~vpv~0~v11.fhb~1706851607437~v11.lhb~1706851607437~v11.cs~37002~v11.s~a8f61ae0-c18b-11ee-94a9-73ae62451df3~lcw~1706851607438
.c.bing.com/	1970-01-20 18:17:36	Name: MR Value: 0
.c.bing.com/	1970-01-21 03:29:07	Name: SRM_B Value: 2C6A93AB0C336A4F150387B20D336BD2
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 03:29:07	Name: MUID Value: 2C6A93AB0C336A4F150387B20D336BD2
.c.clarity.ms/	1970-01-20 18:17:36	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 18:07:32	Name: ANONCHK Value: 0
.gfa.org/	1970-01-20 18:08:58	Name: _clsk Value: 1s8roya%7C1706851607653%7C1%7C1%7Cw.clarity.ms%2Fcollect

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1400103660296134?v=2.9.144&r=stable&domain=www.gfa.org&hme=44ba03e7b4a66084f0064fdada9e7a7b89f6f2cf807a204d10c6509aeae35209&ex_m=62%2C105%2C93%2C97%2C53%2C3%2C88%2C61%2C14%2C86%2C79%2C44%2C46%2C148%2C151%2C162%2C158%2C159%2C161%2C25%2C89%2C45%2C68%2C160%2C143%2C146%2C155%2C156%2C163%2C114%2C13%2C43%2C167%2C166%2C116%2C16%2C29%2C32%2C1%2C36%2C57%2C58%2C59%2C63%2C83%2C15%2C12%2C85%2C82%2C81%2C94%2C96%2C31%2C95%2C26%2C22%2C144%2C147%2C123%2C24%2C9%2C10%2C11%2C5%2C6%2C21%2C19%2C20%2C49%2C54%2C56%2C66%2C90%2C23%2C67%2C8%2C7%2C71%2C41%2C18%2C91%2C17%2C4%2C73%2C80%2C72%2C78%2C40%2C39%2C77%2C33%2C35%2C76%2C48%2C74%2C28%2C37%2C65%2C0%2C84%2C75%2C2%2C30%2C55%2C34%2C92%2C38%2C70%2C60%2C98%2C52%2C51%2C27%2C87%2C50%2C47%2C42%2C69%2C64%2C99(Line 105) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.gfa.org/offer/freebook/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-tracking.crazyegg.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.optimizely.com
cdnjs.cloudflare.com
connect.facebook.net
dnn506yrbagrg.cloudfront.net
email.mg.gfa.org
fonts.googleapis.com
fonts.gstatic.com
gfamedia.org
pagestates-tracking.crazyegg.com
region1.analytics.google.com
region1.google-analytics.com
script.crazyegg.com
stats.g.doubleclick.net
tracking.crazyegg.com
w.clarity.ms
www.clarity.ms
www.facebook.com
www.gfa.org
www.gfamedia.org
www.google.de
www.googletagmanager.com
18.66.122.72
18.66.242.7
18.66.248.47
2001:4860:4802:32::36
23.96.124.156
2606:4700:20::681a:324
2606:4700:20::ac43:4812
2606:4700::6811:190e
2606:4700::6813:9308
2620:1ec:46::62
2620:1ec:c11::200
2a00:1450:4001:811::200a
2a00:1450:4001:81c::2003
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200a
2a00:1450:400c:c00::9b
2a02:26f0:480:5b0::13b8
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
34.102.239.211
35.199.187.27
54.194.182.162
68.219.88.97
08101ab21e54eed11f7d3d40ff64000a33c13e4962a980e5ca543477bf148413
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
1073003f78c62759b997e41f21ba2383686b8beda196c4fe43b4e3134b5a4e38
22cf1baba55eced80d7ebb0de51fc8961757ef581964f8e10ebc8676399eba81
23ce20de25466074b34945d6b4e030d6137bad3d8e1e2c83737e8ef7ae975854
2f36883c2e166774062b72e993c6b785d14eec694e57fdb54c2a53efae4cc799
31f7a778b07135aa43d27e8886f94a69b67dec5345b467ec97ed8d0b77d1a6b9
35056163a93c5528f3a085138e7e5ad0a22f97a06109c6cfc9111e63906d58cf
36cf9a2fc1d1b294b3247629977118945754a9b02dd44ff5df3a1e1c3b503dd0
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3c64253aa01afccf46d7bbc8d2a7f610df11bdb8f3a06e7bb6ec3f27fdd20a16
41eed9fa0ef88baa52bc008e6712c9fa443ad1eaec80ccb4b0e64f6285cad9c5
442474257b4675b49f8d86a4bfb93fdcb9165e6b0c2104cf1958f28f6f56c66d
4fa898d9bdc34304905c4b165e561c8dc3fe452b0bdd7259140e1aa530a42136
5209a22c9b917daf925c582f39bfa5577724d79116fdb7f03eaa8c948a53480a
594e7d9cb00a2c0cde3ad2104ea9492e2c2d7aeb04210a62269714b82571fea7
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
62cb4d4f5d117898a64badb37c22301182c3af7b45b87d26d55d580de4263638
6516c5ab25ca744620a3ec5ef082f307ee5ab61a5da1b7fe94843998cec5d869
6fe667e13a8e25273e579f3a6e7e2b6cf92aa91c2b09c967d46863b380f840be
7ea2b3e81abda845f3429f4cb0d5ac6a81c143c61fb3c5c4a5ccad1474436ca4
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
86551808dbfbf8bc9b23ab3d0725794c2e1f2b4265c96715f2945638160edc2b
960a9a97eebb5313c6553e4079991ac1bd078ce38b30f2a5020dc1c4972f8ca5
96c1a6d16ae87b8146e0e3892f38d92de07b0dae6e160ee0c687cc196ae5974a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9cc17881fc6c9f5a866a15e30530eedc116e184629cca71e323e9d7245f9d1a2
9f495b38895304ad8e1dccd53260eac0ad9a46dee72e1ba1ff119f3cc7d57d5a
a134d82faa6faa4d9c714e1248ce5b918d36d792f7941205d947d98a8dd96f28
a149af0b5d1371e8432ea4f8c2203f7c715cc9f473ea6e6f8ce7f3e3cef0cd61
a452a13b973af9a846d70fb808d5fc9949a74013424467b5bb7e320839b29815
b2b3b691360be91324019c0b40152380c20a1d1b179b2573955a5c7505a06ebf
b2f256ac3fe5685ecddad24da3438edc567aefc20bb5d12781cd2c1d222a0f19
b32cb82acfdfb991814510589c013cf6a1e7b0c55cb4edd12f1a275300d56ee5
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c298f4c4962fc999bb4d14a56c8e138350204d28500bb509ec58e8edf81ead4c
c81c03c7164b0d7fa8c2b8cc27f39529e1169da1c28a8518831796bcd0456c64
cbcfb303a1e7d1f9da8965565b535f4122f2de2f1f3ed9f61f3f9e2dad3dcf9d
d480e4f6869fe772f8a64c20e711ec8d164ab0b6d4b4ef4b381aa088e583570e
d664de4b058971b31b9776d02d5fde99c747bdc1dc570e141e1bc23e4cdf6dbc
d809dbbefde978845fdbb27d8a74c0a9f2c0329df1c336abbd9894d90a82f90f
d83af1fa5b58450dbbc78622fd6d8641b957045fb7db2244020d21f9c59ae643
da707b037bb2d2ad5cb9f627a139865ccc5bd32e9191749bbf3f6a81622e14d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45b159eb2c5ad93a1f267269c7d4eff93793fbe1d2b2950177d3213dc97fe05
ef17c8b7111d14d358a18a2810a9421bce529837767eb7bc01dd5b1f176b17e5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb120c78104205b3314371e5f5e499da010f9b6b1289444554e7b422c0c89ff
f208dad298f08a3528e3bed0b38cbfbccd173f4845db8421e826b92064d1c279
f7af302ea383a3588a3e3b86464ae444368cd1df5de81b9aaec8949f46ac74e7
f93e73ff9b53cb124a7fb64b1d427b5795b83c1ccf9e63c751f636f1dec70c23
f98a1459acb272898b871033eeaf5b0ed9df077ac05a78726c216690b566181c
fa4040143cfff2e70a35d94593f19f32fdccbadfe25e379e0d3e68b01854d8d9

www.gfa.org Open in urlscan Pro 35.199.187.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

83 %HTTPS

67 %IPv6

17 Domains

26 Subdomains

23 IPs

5 Countries

833 kBTransfer

2121 kBSize

28 Cookies

2 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.gfa.org Open in urlscan Pro
35.199.187.27 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

83 %
HTTPS

67 %
IPv6

17
Domains

26
Subdomains

23
IPs

5
Countries

833 kB
Transfer

2121 kB
Size

28
Cookies

63 HTTP transactions
0 data transactions