urlscan.io logo urlscan.io
SecurityTrails logo

geoguessr.com Open in urlscan Pro
176.34.122.158  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url3138.geoguessr.com/wf/click?upn=0VS0nSYT-2BVACczTxn-2BLEYoyWYdaPdOD7l7PUPh9uWyh6ToU-2FqwxPhe6K8OE-2FTVvgRcSa5JmiCCb...
Effective URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Submission: On January 18 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 12 HTTP transactions. The main IP is 176.34.122.158, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is geoguessr.com.
TLS certificate: Issued by RapidSSL RSA CA 2018 on February 25th 2019. Valid for: a year.
This is the only time geoguessr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.115.56 11377 (SENDGRID)
3 176.34.122.158 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
12 6
1    167.89.115.56 (United States)

ASN11377 (SENDGRID - SendGrid, Inc., US)
PTR: o16789115x56.outbound-mail.sendgrid.net
url3138.geoguessr.com
3    176.34.122.158 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-122-158.eu-west-1.compute.amazonaws.com
geoguessr.com
2    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
apis.google.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
staticxx.facebook.com
1    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
3 geoguessr.com geoguessr.com
2 connect.facebook.net geoguessr.com
connect.facebook.net
2 www.google-analytics.com geoguessr.com
2 apis.google.com geoguessr.com
apis.google.com
1 staticxx.facebook.com connect.facebook.net
1 fonts.gstatic.com geoguessr.com
1 fonts.googleapis.com geoguessr.com
1 url3138.geoguessr.com 1 redirects
12 8

This site contains links to these domains. Also see Links.

Domain
shop.spreadshirt.se
Subject Issuer Validity Valid
*.geoguessr.com
RapidSSL RSA CA 2018		 2019-02-25 -
2020-03-03		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-20 -
2020-03-13		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Frame ID: B37D764035D9B1CEDE3D0109BBCA4B12
Requests: 11 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=45
Frame ID: 17BD6E9E6CB53E8983DC49376738E300
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://url3138.geoguessr.com/wf/click?upn=0VS0nSYT-2BVACczTxn-2BLEYoyWYdaPdOD7l7PUPh9uWyh6ToU-2FqwxPhe6K8... HTTP 302
    https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

12
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

404 kB
Transfer

1134 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url3138.geoguessr.com/wf/click?upn=0VS0nSYT-2BVACczTxn-2BLEYoyWYdaPdOD7l7PUPh9uWyh6ToU-2FqwxPhe6K8OE-2FTVvgRcSa5JmiCCbbr1c4AkIoF-2FnRjA36picle-2B-2FnScI58YpfeGgSc6aEbxZ3RC-2BjzIJm_LCfR2MkmOHlPgf7roqbY-2Fclqb4BmDUTew-2FKRK-2BcR5lIK2a4w4m44el77aVEroeViNrfG3XTPSaJEqV9OHlh9swHcgbDJtzdbJ2yYixUnCcoeXU-2FyXL0-2BBnshXFniVRQU3VvVjczphY0-2BSExJSGIHRoh4PJlTc6ACu8x-2BVJwAipqTbdTb2YvZdVRwoG-2BBXXsYK2tpqEvlRxzmRNE1-2FlewtA-3D-3D HTTP 302
    https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
geoguessr.com/profile/set-password/
Redirect Chain
  • http://url3138.geoguessr.com/wf/click?upn=0VS0nSYT-2BVACczTxn-2BLEYoyWYdaPdOD7l7PUPh9uWyh6ToU-2FqwxPhe6K8OE-2FTVvgRcSa5JmiCCbbr1c4AkIoF-2FnRjA36picle-2B-2FnScI58YpfeGgSc6aEbxZ3RC-2BjzIJm_LCfR2MkmOH...
  • https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.122.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-122-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
da6d1b1aef765ac5cade9a62a502263ab486617aa08f9105b15304e5ce7fed35

Request headers

:method
GET
:authority
geoguessr.com
:scheme
https
:path
/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
server
nginx
date
Sat, 18 Jan 2020 04:00:43 GMT
content-type
text/html
vary
Accept-Encoding Accept
cache-control
private
access-control-allow-origin
access-control-allow-credentials
true
access-control-max-age
3600
content-encoding
gzip

Redirect headers

Server
nginx
Date
Sat, 18 Jan 2020 04:00:43 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
X-Robots-Tag
noindex, nofollow
profile.a0788404.css
geoguessr.com/Static/Dist/css/ 		59 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://geoguessr.com/Static/Dist/css/profile.a0788404.css
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.122.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-122-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c31f51752ca8e64157ce226d75d9067b9a03fff39b395f6c2d0378157c9eb839

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 04:00:43 GMT
content-encoding
gzip
last-modified
Wed, 15 Jan 2020 05:06:47 GMT
server
nginx
etag
W/"4157669661cbd51:0"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
expires
Thu, 01 Oct 2020 00:00:00 GMT
client:platform.js
apis.google.com/js/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/client:platform.js
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
bdf8671deef7402decc0f2720e6c3f19aaf6c2acfd29ad93fc46681924cda3b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 04:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
script-src 'report-sample' 'nonce-ZS3ocL5zz609/PLVfSHPPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
strict-transport-security
max-age=31536000
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"a8ad47a048f344971e2a42b923ff4951"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
expires
Sat, 18 Jan 2020 04:00:43 GMT
profile.99ad518d.js
geoguessr.com/Static/Dist/js/ 		455 KB
153 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://geoguessr.com/Static/Dist/js/profile.99ad518d.js
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.122.158 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-122-158.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e5d0225808461972070b050679118bd8d7ef709c07496fd95b5d186c1f89c0d6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 18 Jan 2020 04:00:43 GMT
content-encoding
gzip
last-modified
Wed, 15 Jan 2020 05:08:25 GMT
server
nginx
etag
W/"c6b834d161cbd51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000
expires
Thu, 01 Oct 2020 00:00:00 GMT
css
fonts.googleapis.com/ 		4 KB
609 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d0565f9364231901efa0dd791148c8f8b5bc26eabeebed50243418fe20d4498c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Sat, 18 Jan 2020 04:00:43 GMT
server
ESF
access-control-allow-origin
*
date
Sat, 18 Jan 2020 04:00:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Sat, 18 Jan 2020 04:00:43 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5229
date
Sat, 18 Jan 2020 02:33:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Sat, 18 Jan 2020 04:33:34 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
08e1834a932c1c6dd3388e65b020ae1b1f9fc2fd0821a3b20a633887f8f19c10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
C00WVr/vk4QyX/lnZ9YJGQ==
status
200
date
Sat, 18 Jan 2020 04:00:43 GMT, Sat, 18 Jan 2020 04:00:43 GMT
expires
Sat, 18 Jan 2020 04:19:21 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
1780
x-fb-debug
1NUjwlC9fAJht9FN0gLZVOcCHLKg5aG6uBAMTX5s3uBG+1dq3Slo2cnlfOjBYaQ6gB1EPp8bCRBVM5pIPKdODQ==
x-fb-trip-id
1850256238
x-fb-content-md5
8fe00cd12fcb382bfbf97e6aa67ec0a4
etag
"ca0c15d93434f1cead448e430db7a9b7"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
fonts.gstatic.com/s/robotoslab/v10/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v10/BngMUXZYTXPIvIBgJJSb6ufN5qWr4xCC.woff2
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a0e89bf9070896e8016be5d04a290635ea0a95e9c8bc6dbfcd3ee45bc41fc5a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700
Origin
https://geoguessr.com

Response headers

date
Thu, 09 Jan 2020 02:04:22 GMT
x-content-type-options
nosniff
last-modified
Thu, 14 Nov 2019 22:02:28 GMT
server
sffe
age
784581
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
30940
x-xss-protection
0
expires
Fri, 08 Jan 2021 02:04:22 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/ 		288 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.sMn3oj1Y3cA.O/m=client/rt=j/sv=1/d=1/ed=1/am=wQc/rs=AGLTcCN2dfVUHs4zuTf0kWyDefSg5_jNrA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client:platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d5ac2669b3c017fe37485415893850711b30c8ec9e50fdb04a2af3ff42881ed1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Sat, 04 Jan 2020 20:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Dec 2019 23:42:29 GMT
server
sffe
age
1148860
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
101389
x-xss-protection
0
expires
Sun, 03 Jan 2021 20:53:03 GMT
sdk.js
connect.facebook.net/en_US/ 		197 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=3fd17ed32f24419c941d356ab0776a4b&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
09d51e98921f1bab8b6a2df519703d5547619292e6feebdd3f8b56247dab8ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Origin
https://geoguessr.com

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
+nt3EAXYFxI4GfYjj3VL2Q==
status
200
date
Sat, 18 Jan 2020 04:00:43 GMT, Sat, 18 Jan 2020 04:00:43 GMT
expires
Sun, 17 Jan 2021 02:03:54 GMT
alt-svc
h3-24=":443"; ma=3600
content-length
60194
x-fb-debug
+VxjHWG4GVxfIviaxDm5gkJ0Gk2DYMHx8GhXGxrCdMrDok/RigEY0RM7ZfDJi2IPnErMv/z5qrYPsWOhlnaAXg==
x-fb-trip-id
1850256238
x-fb-content-md5
a4202e56e30af0d6f4f43f9f4ccd71a1
etag
"2faf6996a77ac9649119fd39669552b4"
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j79&a=203193149&t=pageview&_s=1&dl=https%3A%2F%2Fgeoguessr.com%2Fprofile%2Fset-password%2F3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi&ul=en-us&de=UTF-8&dt=GeoGuessr%20-%20Let%27s%20explore%20the%20world!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAAAB~&jid=504695149&gjid=233113920&cid=987505474.1579320044&tid=UA-40205730-2&_gid=680684721.1579320044&_r=1&cd1=none&z=521813390
Requested by
Host: geoguessr.com
URL: https://geoguessr.com/profile/set-password/3iSB8S22xEsUNegZKh4Az3PAHFRyjyyi
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jan 2020 04:00:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_arbiter.php
staticxx.facebook.com/connect/ Frame 17BD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter.php?version=45
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=3fd17ed32f24419c941d356ab0776a4b&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter.php?version=45
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
content-encoding
br
content-type
text/html; charset=utf-8
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
expires
Sat, 16 Jan 2021 18:01:42 GMT
cache-control
public,max-age=31536000,immutable
x-fb-debug
0oFKLtkd+ivaMECukJtu9RDR0V7TAZSBVBu6Yo0DCcqceKxipKpEFyoS7OQ/8/b6IaqeMVJQu2U0Cmz0YzBumA==
content-length
12406
x-fb-trip-id
1850256238
date
Sat, 18 Jan 2020 04:00:43 GMT Sat, 18 Jan 2020 04:00:43 GMT
alt-svc
h3-24=":443"; ma=3600

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| user object| settings string| GoogleAnalyticsObject function| ga object| Backbone function| _ object| gapi object| ___jsl object| FB object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gadgets object| osapi object| shindig object| googleapis object| oauth2 object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| __gapi_jstiming__

3 Cookies

Domain/Path Name / Value
.geoguessr.com/ Name: _gat
Value: 1
.geoguessr.com/ Name: _gid
Value: GA1.2.680684721.1579320044
.geoguessr.com/ Name: _ga
Value: GA1.2.987505474.1579320044