Submitted URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI=
Effective URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email...
Submission: On May 30 via api from IN — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 8 domains to perform 19 HTTP transactions. The main IP is 13.225.239.96, located in United States and belongs to AMAZON-02, US. The main domain is gf.fan.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 8th 2023. Valid for: a year.
This is the only time gf.fan was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
7 | amazonaws.com | cognito-identity.us-east-1.amazonaws.com (Cisco Umbrella Rank: 2052); gf-fan-engagement.s3.us-east-1.amazonaws.com; gf-fan-engagement.s3.amazonaws.com | 867 KB
5 | gf.fan | gf.fan | 743 KB
2 | google-analytics.com | www.google-analytics.com (Cisco Umbrella Rank: 30) | 21 KB
1 | google.de | www.google.de (Cisco Umbrella Rank: 6080) | 408 B
1 | google.com | www.google.com (Cisco Umbrella Rank: 2) | 408 B
1 | doubleclick.net | stats.g.doubleclick.net (Cisco Umbrella Rank: 76) | 343 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 40) | 51 KB
1 | money2020.com | em.money2020.com | 1 KB
Total: 19 requests, 8 apex domains

Requests | Domain | Requested by
5 | gf.fan | em.money2020.com; gf.fan
4 | cognito-identity.us-east-1.amazonaws.com | gf.fan
2 | gf-fan-engagement.s3.us-east-1.amazonaws.com | gf.fan
2 | www.google-analytics.com | www.googletagmanager.com; www.google-analytics.com
1 | gf-fan-engagement.s3.amazonaws.com |
1 | www.google.de |
1 | www.google.com |
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.googletagmanager.com | gf.fan
1 | em.money2020.com |
Total: 19 requests, 10 subdomains

This site contains links to these domains.

Domain
greenfly.com

Subject | Issuer | Validity | Valid
em.money2020.com | Cloudflare Inc ECC CA-3 | 2022-09-04 - 2023-09-04 | a year
gf.fan | Amazon RSA 2048 M02 | 2023-05-08 - 2024-06-05 | a year
*.google-analytics.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
cognito-identity.us-east-1.amazonaws.com | Amazon RSA 2048 M02 | 2023-05-08 - 2024-06-05 | a year
*.g.doubleclick.net | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
www.google.com | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
www.google.de | GTS CA 1C3 | 2023-05-08 - 2023-07-31 | 3 months
s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-04-11 - 2023-12-20 | 8 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2023-03-21 - 2023-12-19 | 9 months

This page contains 1 frames:

Primary Page: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
Frame ID: 792EE826DC9B55206816D29C828681CF
Requests: 17 HTTP requests in this frame

Page Title

Greenfly Fan

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

  • Requests: 19
  • HTTPS: 100 %
  • IPv6: 60 %
  • Domains: 8
  • Subdomains: 10
  • IPs: 11
  • Countries: 4
  • Transfer: 1684 kB
  • Size: 1795 kB
  • Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI= Page URL
  2. https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI=
em.money2020.com/
656 B
1 KB
Document
General
Full URL
https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.17.74.206 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-Jzc1sRFAzoAM5poCEHPJoLU1RLqtB3url5eGn4P0Hr8=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7cf8625f4e899bfb-FRA
content-security-policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-Jzc1sRFAzoAM5poCEHPJoLU1RLqtB3url5eGn4P0Hr8=';object-src 'none';form-action:'none';frame-src:'none'
content-type
text/html;charset=UTF-8
date
Tue, 30 May 2023 16:34:23 GMT
referrer-policy
strict-origin
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-request-id
f8b2221ed094716d
Primary Request europesgotaccess
gf.fan/MONEY2020/
3 KB
3 KB
Document
General
Full URL
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
Requested by
Host: em.money2020.com
URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-96.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ac8d5b837ff5dd6995d44aa78c8f294ad69df5915112b2c1d61c6f583863ec3

Request headers

Referer
https://em.money2020.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
445
Connection
keep-alive
Content-Length
2565
Content-Type
text/html
Date
Tue, 30 May 2023 16:34:24 GMT
ETag
"928165a033312c88a0c3b46de72c47ea"
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
Via
1.1 8586a85c12ddfad3096d554af46e9972.cloudfront.net (CloudFront)
X-Amz-Cf-Id
zSlYHviEjMBOzkWuLZvs7R1Zjt5qlb2E6FvOJr4qZe41gt3d7FNu_A==
X-Amz-Cf-Pop
BRU50-C1
X-Cache
Error from cloudfront
main.bf04da0d.chunk.css
gf.fan/static/css/
16 KB
16 KB
Stylesheet
General
Full URL
https://gf.fan/static/css/main.bf04da0d.chunk.css
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-96.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11bd59cf46c1d0968cb8af835b6487c6c6db72491f84f26c9f067099b088fd70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 16:34:22 GMT
Via
1.1 8586a85c12ddfad3096d554af46e9972.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BRU50-C1
Age
3
ETag
"62e178afd8cacc23022c39af06deeee6"
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16000
X-Amz-Cf-Id
SqmsW4IFgkC85nvxXWyDdXwZKaYx6A9cc9ZcHgB7dGUAKb6lKe6UMQ==
2.9c462d13.chunk.js
gf.fan/static/js/
695 KB
696 KB
Script
General
Full URL
https://gf.fan/static/js/2.9c462d13.chunk.js
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-96.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86fb74e5fef3808142b989d2a2e6e08bb24894bb1ae2079d31e2c92d0cdf9203

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 16:34:22 GMT
Via
1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BRU50-C1
Age
3
ETag
"1027b2f80a2f8a3481c029827e47dcd2"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
711856
X-Amz-Cf-Id
7YiemkQoINmQpbV8rqUKcCwVBoOmIs3_p_vRaHet0Ef5HulLQarLZg==
main.2b269b4d.chunk.js
gf.fan/static/js/
24 KB
25 KB
Script
General
Full URL
https://gf.fan/static/js/main.2b269b4d.chunk.js
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-96.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd591d9b7a6c245217283173d39b5313298a34746fe67be5282561d6e3388087

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 16:34:22 GMT
Via
1.1 7d12bef71f48487e9202b581d949876e.cloudfront.net (CloudFront)
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
X-Amz-Cf-Pop
BRU50-C1
Age
3
ETag
"7c076af83cba6621545942cb5a91f884"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24963
X-Amz-Cf-Id
SNE0fmTsYSELOOQvdCVP644MPa3Y4n7ZXnlz-VeWRQurh4U2ooLEMw==
gtm.js
www.googletagmanager.com/
134 KB
51 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W54SN38
Requested by
Host: gf.fan
URL: https://gf.fan/MONEY2020/europesgotaccess?utm_term=noterm&utm_campaign=europe2023-accesslaunch&utm_medium=email&utm_source=mkt-email-delprom&utm_content=2023.05.04&mkt_tok=ODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
124921ad573153d36042bdecf3fe06698e3e6bdc0f2153a3ebae7db2be2f4182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 30 May 2023 16:34:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52161
x-xss-protection
0
last-modified
Tue, 30 May 2023 16:09:28 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 May 2023 16:34:24 GMT
greenfly-fan-engagement-app.0537a994.ttf
gf.fan/static/media/
3 KB
3 KB
Font
General
Full URL
https://gf.fan/static/media/greenfly-fan-engagement-app.0537a994.ttf
Requested by
Host: gf.fan
URL: https://gf.fan/static/css/main.bf04da0d.chunk.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.239.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-239-96.bru50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ec3b68b0e424d7e275e9abfce9e737ea95a1e7c681849b062d08acdb2b192c74

Request headers

Referer
https://gf.fan/static/css/main.bf04da0d.chunk.css
Origin
https://gf.fan
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 16:34:23 GMT
Via
1.1 583308eb4f461d4428530a34ba6d1e04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BRU50-C1
Age
2
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2868
Last-Modified
Fri, 30 Sep 2022 22:30:32 GMT
Server
AmazonS3
ETag
"bb660c76c5c1171bb9a55a0c27476815"
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Content-Type
font/ttf
Access-Control-Allow-Origin
https://gf.fan
Access-Control-Expose-Headers
ETag
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
X-Amz-Cf-Id
ze75PS0oUWfz6Lh7WjTj0sYK4sz0-oOJaGY-0OmIkmpDYwHJQC1Aew==
/
cognito-identity.us-east-1.amazonaws.com/
63 B
317 B
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: gf.fan
URL: https://gf.fan/static/js/2.9c462d13.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:c10b:929d:83d3:40ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
6d0f6c4220c0f11982a924fe840e400f9a9518b51165e8eac693424e68809ef0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/x-amz-json-1.1
amz-sdk-invocation-id
80f8c22a-a3fd-4474-b936-be7dc878df27
Referer
https://gf.fan/
amz-sdk-request
attempt=1; max=3
x-amz-target
AWSCognitoIdentityService.GetId
x-amz-user-agent
aws-sdk-js/3.6.1 os/Windows/NT_10.0 lang/js md/browser/Chrome_113.0.5672.126 api/cognito_identity/3.6.1 aws-amplify/4.3.2_js

Response headers

access-control-allow-origin
*
date
Tue, 30 May 2023 16:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
094c0a27-6d52-4c22-b54c-6ecf7572b1f9
content-length
63
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:c10b:929d:83d3:40ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://gf.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 30 May 2023 16:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
6024e752-243f-4473-b755-59fa0ca7b9c7
analytics.js
www.google-analytics.com/
51 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W54SN38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 May 2023 14:35:34 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
7130
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Tue, 30 May 2023 16:35:34 GMT
collect
www.google-analytics.com/j/
4 B
203 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=875207358&t=pageview&_s=1&dl=https%3A%2F%2Fgf.fan%2FMONEY2020%2Feuropesgotaccess%3Futm_term%3Dnoterm%26utm_campaign%3Deurope2023-accesslaunch%26utm_medium%3Demail%26utm_source%3Dmkt-email-delprom%26utm_content%3D2023.05.04%26mkt_tok%3DODk3LU1CQy0yMDcAAAGLhem3naQYWsiLqruCOHn_6dPQuPuj5mtDQYB_vn4_MwAeR_f7oEUjv4JG36ZNpN2wT-gPhX3fCXVkuFPQYEZTwN5ZqeK3Wr-W4RULQa9h1pXQoc0&dr=https%3A%2F%2Fem.money2020.com%2F&ul=en-us&de=UTF-8&dt=Greenfly%20Fan&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=532619670&gjid=2004199609&cid=133091783.1685464465&tid=UA-174533423-1&_gid=1826442555.1685464465&_r=1&_slc=1&gtm=45He35o0n81W54SN38&z=1936992766
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.fan/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 May 2023 16:34:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gf.fan
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
343 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-174533423-1&cid=133091783.1685464465&jid=532619670&gjid=2004199609&_gid=1826442555.1685464465&_u=YEBAAEAAAAAAACAAI~&z=2019709728
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://gf.fan/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 30 May 2023 16:34:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://gf.fan
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-174533423-1&cid=133091783.1685464465&jid=532619670&_u=YEBAAEAAAAAAACAAI~&z=4029726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 16:34:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
408 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-174533423-1&cid=133091783.1685464465&jid=532619670&_u=YEBAAEAAAAAAACAAI~&z=4029726
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 May 2023 16:34:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cognito-identity.us-east-1.amazonaws.com/
2 KB
2 KB
Fetch
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Requested by
Host: gf.fan
URL: https://gf.fan/static/js/2.9c462d13.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:c10b:929d:83d3:40ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
3aea0fdc4e2964fe9a143463a9293ff77bcac0ff0848fa73546d318aaa36b2e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type
application/x-amz-json-1.1
amz-sdk-invocation-id
11d525cb-461a-423b-997f-f18a628fc652
Referer
https://gf.fan/
amz-sdk-request
attempt=1; max=3
x-amz-target
AWSCognitoIdentityService.GetCredentialsForIdentity
x-amz-user-agent
aws-sdk-js/3.6.1 os/Windows/NT_10.0 lang/js md/browser/Chrome_113.0.5672.126 api/cognito_identity/3.6.1 aws-amplify/4.3.2_js

Response headers

access-control-allow-origin
*
date
Tue, 30 May 2023 16:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid
9cdd7ad0-fb1c-434b-b5ed-90e7efec7181
content-length
1760
content-type
application/x-amz-json-1.1
/
cognito-identity.us-east-1.amazonaws.com/
0
0
Preflight
General
Full URL
https://cognito-identity.us-east-1.amazonaws.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:41d6:7402:c10b:929d:83d3:40ad Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
Access-Control-Request-Method
POST
Origin
https://gf.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers
amz-sdk-invocation-id,amz-sdk-request,content-type,x-amz-target,x-amz-user-agent
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-expose-headers
x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age
172800
content-length
0
date
Tue, 30 May 2023 16:34:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-amzn-requestid
8cdb7791-b2e2-4042-b565-6d4eff68acf2
europesgotaccess.json
gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/
2 KB
3 KB
XHR
General
Full URL
https://gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/europesgotaccess.json?response-cache-control=no-cache&x-id=GetObject
Requested by
Host: gf.fan
URL: https://gf.fan/static/js/2.9c462d13.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.80.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
b7839fac7b29da23894baf5af490323df0788ad0d6286837fe6efe99ab9a50ea

Request headers

accept-language
de-DE,de;q=0.9
authorization
AWS4-HMAC-SHA256 Credential=ASIAYXSNJPQOU4HPIWDL/20230530/us-east-1/s3/aws4_request, SignedHeaders=amz-sdk-invocation-id;amz-sdk-request;host;x-amz-content-sha256;x-amz-date;x-amz-security-token;x-amz-user-agent, Signature=0dc9d016fa79a58a3d6014b6d2379becf36fb6665250fb3cb5773c7408252799
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
x-amz-content-sha256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Accept
application/json, text/plain, */*
amz-sdk-invocation-id
f5f6fed9-27dc-485e-b76a-c7ce22d2382a
amz-sdk-request
attempt=1; max=3
Referer
https://gf.fan/
x-amz-user-agent
aws-sdk-js/3.6.1 os/Windows/NT_10.0 lang/js md/browser/Chrome_113.0.5672.126 api/s3/3.6.1 aws-amplify/4.3.2_js
x-amz-date
20230530T163425Z

Response headers

Date
Tue, 30 May 2023 16:34:26 GMT
x-amz-request-id
XSGSR71AWPX3DFWX
x-amz-server-side-encryption
AES256
Content-Length
1909
x-amz-id-2
rfLnlXmJ1+KDtZnjidcBIOpjIT9bb1PL/mC7rvMucIqo7vTidJOrPVocA3bJF0kOijxUVsW7m/I=
Last-Modified
Tue, 25 Apr 2023 15:19:54 GMT
Server
AmazonS3
ETag
"dbf81a848f30a10f0e76ca2d56b3875f"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Content-Type
application/json
Access-Control-Allow-Origin
https://gf.fan
Access-Control-Expose-Headers
ETag
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
europesgotaccess.json
gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/
0
0
Preflight
General
Full URL
https://gf-fan-engagement.s3.us-east-1.amazonaws.com/public/MONEY2020/europesgotaccess.json?response-cache-control=no-cache&x-id=GetObject
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.80.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-east-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
amz-sdk-invocation-id,amz-sdk-request,authorization,x-amz-content-sha256,x-amz-date,x-amz-security-token,x-amz-user-agent
Access-Control-Request-Method
GET
Origin
https://gf.fan
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
amz-sdk-invocation-id, amz-sdk-request, authorization, x-amz-content-sha256, x-amz-date, x-amz-security-token, x-amz-user-agent
Access-Control-Allow-Methods
GET, POST, PUT, HEAD
Access-Control-Allow-Origin
https://gf.fan
Access-Control-Expose-Headers
ETag
Content-Length
0
Date
Tue, 30 May 2023 16:34:26 GMT
Server
AmazonS3
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-id-2
B6LQWw2vXRLjqid95tIzUy7+ZhbTBM/sgFidT2BLisP5Q+GPR454fdV3ULv5/xfizo6Vl8wzA/s=
x-amz-request-id
XSGG8VFB13C363SE
truncated
/
4 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
586eeaccf396962a6b42e22e66a604c7a356c31182f6cd4ea7ce9942996a7338

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/png
d15bf5fe-a36f-40e1-a640-515805db5056032723_EU_MKTG_DEL_Greenfly_2.png
gf-fan-engagement.s3.amazonaws.com/public/_banners/d/1/5/b/
862 KB
862 KB
Image
General
Full URL
https://gf-fan-engagement.s3.amazonaws.com/public/_banners/d/1/5/b/d15bf5fe-a36f-40e1-a640-515805db5056032723_EU_MKTG_DEL_Greenfly_2.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.5.28.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
515df619f8a1782f1076ea44f79d668a218b7567797a4a202644e7382d77c6a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gf.fan/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date
Tue, 30 May 2023 16:34:27 GMT
Last-Modified
Tue, 11 Apr 2023 16:57:23 GMT
Server
AmazonS3
x-amz-request-id
SNNV4D21H498JXP7
ETag
"03990aa2a24588adc72b4691ccc67642"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
882459
x-amz-id-2
6o0U9PW7KYdp/ZuDnx42PNn82wi2Yim3nuKqQSLeiqxHTPoa0Tgg8B0tVGtUpIZ7QE2pn7IW/O4FTvPCaSz0GrtOtIuq2ZS3z1pQxtnjPpA=

Verdicts & Comments

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless
object| dataLayer
object| webpackJsonpfan-engagement
object| regeneratorRuntime
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData

4 Cookies

Domain/Path Name / Value
.em.money2020.com/ Name: __cf_bm
Value: geNzlOLvSquUDRV7WW2jPQLHJRKqjm13itFiVlV3lsA-1685464463-0-AdI3z2W1R9jr2uw25ifYtLgUd6TM/qoCiIvbzxKH3ATg7FaJNPXDqoWCK5crsdTdrjPN8/Ut3XNM3+c7xYuP7h0=
.gf.fan/ Name: _ga
Value: GA1.2.133091783.1685464465
.gf.fan/ Name: _gid
Value: GA1.2.1826442555.1685464465
.gf.fan/ Name: _gat_UA-174533423-1
Value: 1

2 Console Messages

Source Level URL
Text
security error URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI=
Message:
The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security error URL: https://em.money2020.com/ODk3LU1CQy0yMDcAAAGLhem3nbHKVtRfFFaxkR0i6hXA-JYbnGNHmI9XScyksot26kWkvYPE8xZ1Hr6QhkORMLjZzjI=
Message:
The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-Jzc1sRFAzoAM5poCEHPJoLU1RLqtB3url5eGn4P0Hr8=';object-src 'none';form-action:'none';frame-src:'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
