gavi.bucketlist.org Open in urlscan Pro
2606:4700:3108::ac42:2b2e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7
Effective URL:
https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
Submission: On November 28 via manual (November 28th 2022, 1:06:54 pm UTC) from CH — Scanned from DE

Summary HTTP 15 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3108::ac42:2b2e, located in United States and belongs to CLOUDFLARENET, US. The main domain is gavi.bucketlist.org.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 7th 2022. Valid for: a year.

This is the only time gavi.bucketlist.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 10	2606:4700:310... 2606:4700:3108::ac42:2b2e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.138.201 52.217.138.201	16509 (AMAZON-02) (AMAZON-02)
4	18.66.115.169 18.66.115.169	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	44.230.79.106 44.230.79.106	16509 (AMAZON-02) (AMAZON-02)
15	6

10 2606:4700:3108::ac42:2b2e (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

gavi.bucketlist.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.138.201 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

blcorp-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.230.79.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-230-79-106.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	bucketlist.org 3 redirects gavi.bucketlist.org	195 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1836	33 KB
1	segment.io api.segment.io — Cisco Umbrella Rank: 1159	177 B
1	gstatic.com fonts.gstatic.com	24 KB
1	amazonaws.com blcorp-media.s3.amazonaws.com — Cisco Umbrella Rank: 903216	46 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	933 B
15	6

	Domain	Requested by
10	gavi.bucketlist.org	3 redirects gavi.bucketlist.org
4	cdn.segment.com	gavi.bucketlist.org cdn.segment.com
1	api.segment.io	cdn.segment.com
1	fonts.gstatic.com	fonts.googleapis.com
1	blcorp-media.s3.amazonaws.com	gavi.bucketlist.org
1	fonts.googleapis.com	gavi.bucketlist.org
15	6

This site contains links to these domains. Also see Links.

Domain
bucketlistrewards.com

Subject Issuer	Validity	Valid
*.bucketlist.org Sectigo RSA Domain Validation Secure Server CA	`2022-03-07` - `2023-04-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
Frame ID: B66A8882394646E7AF4709D4D61185E0
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Bucketlist.org for Gavi, the Vaccine Alliancedescribe-iconExperience Seasons

Page URL History Show full URLs

http://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7 HTTP 301
https://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7 HTTP 301
https://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/ HTTP 302
https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

Page Statistics

15
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

297 kB
Transfer

872 kB
Size

3
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://bucketlistrewards.com/
Title: About Bucketlist

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7 HTTP 301
https://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7 HTTP 301
https://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/ HTTP 302
https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gavi.bucketlist.org/accounts/login/
Redirect Chain

http://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7
https://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7
https://gavi.bucketlist.org/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

55 KB
14 KB

202ms
202ms

Document
text/html

2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c515b1bcf0af7afa6fe3ab502a38af4cb20b4b34b6e7de2e0e31c0a169ddf200

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://fonts.googleapis.com https://www.gstatic.com/charts/; default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://cdn.segment.com https://browser.sentry-cdn.com https://maps.googleapis.com https://www.google.com/jsapi https://www.gstatic.com/charts/ https://code.jquery.com/jquery-2.2.4.min.js; media-src 'self' https://media.tenor.com; manifest-src 'self'; img-src https: data:; connect-src 'self' https://api.segment.io https://cdn.segment.com https://api.tenor.com/ https://maps.googleapis.com https://vimeo.com/api/v2/video/; font-src 'self' https://fonts.gstatic.com; frame-src https://*.youtube.com https://player.vimeo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 771352b98ae89022-FRA
content-encoding: gzip
content-language: en
content-security-policy: style-src 'self' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://fonts.googleapis.com https://www.gstatic.com/charts/; default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://cdn.segment.com https://browser.sentry-cdn.com https://maps.googleapis.com https://www.google.com/jsapi https://www.gstatic.com/charts/ https://code.jquery.com/jquery-2.2.4.min.js; media-src 'self' https://media.tenor.com; manifest-src 'self'; img-src https: data:; connect-src 'self' https://api.segment.io https://cdn.segment.com https://api.tenor.com/ https://maps.googleapis.com https://vimeo.com/api/v2/video/; font-src 'self' https://fonts.gstatic.com; frame-src https://*.youtube.com https://player.vimeo.com
content-type: text/html; charset=utf-8
date: Mon, 28 Nov 2022 13:06:50 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding,Authorization, Cookie, Accept-Language
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

cf-cache-status: DYNAMIC
cf-ray: 771352b70e839022-FRA
content-language: en
content-security-policy: frame-src https://*.youtube.com https://player.vimeo.com; manifest-src 'self'; media-src 'self' https://media.tenor.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://cdn.segment.com https://browser.sentry-cdn.com https://maps.googleapis.com https://www.google.com/jsapi https://www.gstatic.com/charts/ https://code.jquery.com/jquery-2.2.4.min.js; default-src 'none'; font-src 'self' https://fonts.gstatic.com; style-src 'self' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://fonts.googleapis.com https://www.gstatic.com/charts/; img-src https: data:; connect-src 'self' https://api.segment.io https://cdn.segment.com https://api.tenor.com/ https://maps.googleapis.com https://vimeo.com/api/v2/video/
content-type: text/html; charset=utf-8
date: Mon, 28 Nov 2022 13:06:50 GMT
location: /accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
vary: Authorization, Accept-Language, Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 db1e7baa705b.css
gavi.bucketlist.org/static/CACHE/css/ 143 KB
32 KB 25ms
24ms Stylesheet
text/css 2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/static/CACHE/css/db1e7baa705b.css

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3d3112970924c221becf5f1a3241c22ed5b53f15c1b5c19d815b9fe1e69e930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 02:43:07 GMT
server: cloudflare
content-encoding: gzip
age: 171
etag: W/"637eda3b-23c49"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: max-age=14400
cf-ray: 771352badd0d9022-FRA

GET
H2 200 067995ca9329.css
gavi.bucketlist.org/static/CACHE/css/ 406 KB
71 KB 28ms
27ms Stylesheet
text/css 2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/static/CACHE/css/067995ca9329.css

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e042ae1aa30ec3e3444078f5f5f361ff5fffee619f85e80021d804e201b2257d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 02:43:14 GMT
server: cloudflare
content-encoding: gzip
age: 171
etag: W/"637eda42-65860"
vary: Accept-Encoding
x-frame-options: DENY
content-type: text/css
cache-control: max-age=14400
cf-ray: 771352badd0f9022-FRA

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,300,700,900

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 28 Nov 2022 13:06:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 28 Nov 2022 12:55:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 28 Nov 2022 13:06:50 GMT

GET
H2 200 4b16eefd6032.js Show response
gavi.bucketlist.org/static/CACHE/js/ 477 B
267 B 34ms
34ms Script
application/javascript 2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/static/CACHE/js/4b16eefd6032.js

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c9939efcae7910f883d4e41b686f794faa7191704281e63ab5665c007859fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 02:43:14 GMT
server: cloudflare
age: 171
etag: W/"637eda42-1dd"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: max-age=14400
cf-ray: 771352badd119022-FRA

GET
H/1.1 200
OK 54e2d214-ffc9-4e31-8046-47795981a30a.png
blcorp-media.s3.amazonaws.com/live/upload/company/501/2021/10/05/ 46 KB
46 KB 367ms
120ms Image
image/png 52.217.138.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blcorp-media.s3.amazonaws.com/live/upload/company/501/2021/10/05/54e2d214-ffc9-4e31-8046-47795981a30a.png
Requested by: Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.138.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: e4f700e763ba4335c210062b1a4e29036f83f1c54dae246fb1c0269f06f71c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date: Mon, 28 Nov 2022 13:06:52 GMT
Last-Modified: Tue, 05 Oct 2021 04:13:34 GMT
Server: AmazonS3
x-amz-request-id: HZH0KESB4WTHWSY5
ETag: "8649d90032c71abf1e9302dd2a0a1292"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 46886
x-amz-id-2: UQ5JM15YyBzJuyCJUVcqCKZPBPwznpiTcBlGxKYKO+rqIXejBT/qIRg3NUAQMO7E8991gQPvb28=

GET
H2 200 classList.min.js Show response
gavi.bucketlist.org/static/company/js/external_js/ 3 KB
1 KB 24ms
24ms Script
application/javascript 2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/static/company/js/external_js/classList.min.js

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e35842b7da642487e3909ca1162529765ea035fd07e5d0e4fda03b843d2e7da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 03:22:19 GMT
server: cloudflare
age: 171
etag: W/"6374576b-aaa"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
content-encoding: gzip
cache-control: max-age=14400
cf-ray: 771352bb1d9b9022-FRA

GET
H2 200 jstimezonedetect.min.js Show response
gavi.bucketlist.org/static/company/js/external_js/ 12 KB
5 KB 28ms
28ms Script
application/javascript 2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/static/company/js/external_js/jstimezonedetect.min.js

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

902a88f509cfc8096570bcb45d7d954039cd379076def049cb28eb65a45ba9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Wed, 16 Nov 2022 03:22:20 GMT
server: cloudflare
content-encoding: gzip
age: 171
etag: W/"6374576c-304d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 771352bb1d9d9022-FRA

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/ 100 KB
27 KB 39ms
16ms Script
text/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/analytics.min.js
Requested by: Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b3a68616b692e8c234b6a6c067a9152253c6b055cbc480f281ad39b507d78e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: fcPUnwVbFz_c2GzkBNKOQ1NO3cg.J.Qp
content-encoding: br
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 13:06:50 GMT
x-amz-cf-pop: FRA56-P5
age: 118
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 20:05:53 GMT
server: AmazonS3
etag: W/"f7d9a3a2a49f5110343c59f7fe9beafa"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: MNVIwVfhRCLATd6DZM07NXMjHHQrIX-LkhkICBFOlXdLeFWDhi5AvA==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 37ms
6ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,300,700,900

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gavi.bucketlist.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Tue, 22 Nov 2022 17:08:09 GMT
x-content-type-options: nosniff
age: 503921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Nov 2023 17:08:09 GMT

GET
H2 200 fontawesome-webfont.woff2
gavi.bucketlist.org/static/company/bower_components/font-awesome/fonts/ 70 KB
70 KB 27ms
27ms Font
application/octet-stream 2606:4700:3108::ac42:2b2e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gavi.bucketlist.org/static/company/bower_components/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3&e6cf7c6ec7c2

Requested by

Host: gavi.bucketlist.org
URL: https://gavi.bucketlist.org/static/CACHE/css/db1e7baa705b.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3108::ac42:2b2e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://gavi.bucketlist.org/static/CACHE/css/db1e7baa705b.css
Origin: https://gavi.bucketlist.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 13:06:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Tue, 22 Nov 2016 01:33:52 GMT
server: cloudflare
age: 171
etag: "5833a080-118d8"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 771352bb4dea9022-FRA
content-length: 71896

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/ 1 KB
1 KB 35ms
17ms XHR
application/json 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ac105c627520948b757d844a97bfdab965d57750fe1fa5b1c3a804fbc04dcfd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

x-amz-version-id: c7mcWw6PhACUJToxiCbFSRlDURF8df4Z
content-encoding: br
via: 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
date: Mon, 28 Nov 2022 13:06:50 GMT
x-amz-cf-pop: FRA56-P5
age: 20
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 09 May 2022 22:43:13 GMT
server: AmazonS3
etag: W/"dd552bba1caaa6fa1a04f284d82fe6bf"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
x-amz-cf-id: 8J5HChtkkUITKVrd4DIm-0B7EbSDopxbsZU2MEr8ROa-Z9wx9sauHg==

GET
H2 200 ajs-destination.bundle.f10d3096539d72f6123e.js Show response
cdn.segment.com/analytics-next/bundles/ 8 KB
3 KB 7ms
6ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 16:50:41 GMT
x-amz-version-id: ZFtHPDARawb_jSqRkD8P6QNmwckroygg
content-encoding: br
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 418569
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Nov 2022 16:04:56 GMT
server: AmazonS3
etag: W/"3fe4d92339c7d21c57f0044fcdcf5274"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: 7QouRTA61FwikjyWYiYt1Dyhwa7RzoYiVlfz4VJQdcdIAf9oEKEdRA==

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 6ms
6ms Script
application/javascript 18.66.115.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-115-169.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gavi.bucketlist.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:10:35 GMT
x-amz-version-id: PLd.pUpm7LMRbNOoL15lZ8ocuYHxqnzt
content-encoding: br
via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2026576
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 05 Nov 2022 01:03:42 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: YgpgRlgEyWqhAprA2YRFZvQWYPRc941rMdZPcBgd3kEqox0bLfZVCQ==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
177 B 508ms
167ms Fetch
application/json 44.230.79.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/7hJdJIt6rIdiG0KvWKFBGCPlCxLjvXmQ/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.230.79.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-230-79-106.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gavi.bucketlist.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://gavi.bucketlist.org
date: Mon, 28 Nov 2022 13:06:51 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gavi.bucketlist.org/	1969-12-31 23:59:59	Name: django_language Value: en
gavi.bucketlist.org/	1970-01-20 16:31:30	Name: csrftoken Value: qP57dIsOqqGNIaZouCO1n3dbM9ApGpWn711n4yyur8qppdk3UtFMvqQNtLzYWx2p
.bucketlist.org/	1970-01-20 16:32:56	Name: ajs_anonymous_id Value: 8e4db41d-db36-4c7e-9e2b-814d27815f3d

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://gavi.bucketlist.org/accounts/login/?next=/admin/reports/c7670679-d767-416c-9451-319d00b38bd7/(Line 5) Message: The key "target-densitydpi" is not supported.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://fonts.googleapis.com https://www.gstatic.com/charts/; default-src 'none'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://blcorp-media.s3.amazonaws.com/ https://cdn.segment.com https://browser.sentry-cdn.com https://maps.googleapis.com https://www.google.com/jsapi https://www.gstatic.com/charts/ https://code.jquery.com/jquery-2.2.4.min.js; media-src 'self' https://media.tenor.com; manifest-src 'self'; img-src https: data:; connect-src 'self' https://api.segment.io https://cdn.segment.com https://api.tenor.com/ https://maps.googleapis.com https://vimeo.com/api/v2/video/; font-src 'self' https://fonts.gstatic.com; frame-src https://*.youtube.com https://player.vimeo.com
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
blcorp-media.s3.amazonaws.com
cdn.segment.com
fonts.googleapis.com
fonts.gstatic.com
gavi.bucketlist.org
18.66.115.169
2606:4700:3108::ac42:2b2e
2a00:1450:4001:811::200a
2a00:1450:4001:82f::2003
44.230.79.106
52.217.138.201
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
5ef043454b128260dda530a42312fbb985505034036cd3f3ea23cfe324a7905b
6b3a68616b692e8c234b6a6c067a9152253c6b055cbc480f281ad39b507d78e4
7ac105c627520948b757d844a97bfdab965d57750fe1fa5b1c3a804fbc04dcfd
7c9939efcae7910f883d4e41b686f794faa7191704281e63ab5665c007859fff
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
902a88f509cfc8096570bcb45d7d954039cd379076def049cb28eb65a45ba9aa
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
a3d3112970924c221becf5f1a3241c22ed5b53f15c1b5c19d815b9fe1e69e930
c515b1bcf0af7afa6fe3ab502a38af4cb20b4b34b6e7de2e0e31c0a169ddf200
d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432
e042ae1aa30ec3e3444078f5f5f361ff5fffee619f85e80021d804e201b2257d
e35842b7da642487e3909ca1162529765ea035fd07e5d0e4fda03b843d2e7da7
e4f700e763ba4335c210062b1a4e29036f83f1c54dae246fb1c0269f06f71c4d
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

gavi.bucketlist.org Open in urlscan Pro 2606:4700:3108::ac42:2b2e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

50 %IPv6

6 Domains

6 Subdomains

6 IPs

2 Countries

297 kBTransfer

872 kBSize

3 Cookies

1 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

3 Cookies

1 Console Messages

Security Headers

Indicators

gavi.bucketlist.org Open in urlscan Pro
2606:4700:3108::ac42:2b2e Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

6
Subdomains

6
IPs

2
Countries

297 kB
Transfer

872 kB
Size

3
Cookies

15 HTTP transactions
0 data transactions