URL: https://ba.giextensions.net/donation/
Submission: On March 03 via manual from BA — Scanned from GB

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 35 HTTP transactions. The main IP is 185.249.121.202, located in United Kingdom and belongs to IOMART-AS, GB. The main domain is ba.giextensions.net.
TLS certificate: Issued by Plesk on April 8th 2021. Valid for: a year.
This is the only time ba.giextensions.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 33 185.249.121.202 20860 (IOMART-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
35 3
Apex Domain
Subdomains
Transfer
33 giextensions.net
ba.giextensions.net
916 KB
2 gstatic.com
fonts.gstatic.com
55 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1 KB
35 3
Domain Requested by
33 ba.giextensions.net 1 redirects ba.giextensions.net
2 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com ba.giextensions.net
35 3

This site contains links to these domains.

Domain
www.islamic-relief.sg
www.islamic-relief.ba

Subject                   Issuer       Validity                  Valid
Plesk                     Plesk        2021-04-08 - 2022-04-08   a year
upload.video.google.com   GTS CA 1C3   2022-02-17 - 2022-05-12   3 months
*.gstatic.com             GTS CA 1C3   2022-02-17 - 2022-05-12   3 months

This page contains 1 frame:

Primary Page: https://ba.giextensions.net/donation/
Frame ID: 55F3B679AD56A8FD22159C9C226050A6
Requests: 35 HTTP requests in this frame

Page Title

Donations - Make an Online Donation | Islamic Relief SG

Page URL History

  1. https://ba.giextensions.net/donation HTTP 301
    https://ba.giextensions.net/donation/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 35
HTTPS: 9 %
IPv6: 67 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 972 kB
Size: 1392 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ba.giextensions.net/donation HTTP 301
    https://ba.giextensions.net/donation/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ba.giextensions.net/donation/
Redirect Chain
  • https://ba.giextensions.net/donation
  • https://ba.giextensions.net/donation/
6 KB
2 KB
Document
General
Full URL
https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e1c291058c8b69679372de63eb91a7dbcbe68d1d3a70a2c18a374126cc8ae9e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Thu, 03 Mar 2022 10:25:40 GMT
content-type
text/html
last-modified
Mon, 28 Feb 2022 19:59:28 GMT
cache-control
max-age=7200, public
expires
Thu, 03 Mar 2022 10:35:40 GMT
etag
W/"621d29a0-17e1"
x-powered-by
PleskLin
content-encoding
br

Redirect headers

server
nginx
date
Thu, 03 Mar 2022 10:25:40 GMT
content-type
text/html; charset=iso-8859-1
content-length
245
location
https://ba.giextensions.net/donation/
cache-control
max-age=600
expires
Thu, 03 Mar 2022 10:35:40 GMT
x-powered-by
PleskLin
bootstrap.min.css
ba.giextensions.net/donation/assets/css/
157 KB
21 KB
Stylesheet
General
Full URL
https://ba.giextensions.net/donation/assets/css/bootstrap.min.css
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
5b0fbe5b7ad705f6a937c4998ad02f73d8f0d976fe231b74aef0ec996990c93a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438ccc-2722e"
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 10 Mar 2022 10:25:40 GMT
slib.css
ba.giextensions.net/donation/assets/css/
7 KB
1 KB
Stylesheet
General
Full URL
https://ba.giextensions.net/donation/assets/css/slib.css
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c9e875972625bcf9d155acf81abb9eea4b1a27de723b6c0d524d009f3364d109

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 18:00:40 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"620e8d48-1a5e"
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 10 Mar 2022 10:25:40 GMT
font-awesome.css
ba.giextensions.net/donation/assets/css/
37 KB
7 KB
Stylesheet
General
Full URL
https://ba.giextensions.net/donation/assets/css/font-awesome.css
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f9c863679192c27220f2ac50fd681a3dbade69728af1e60547a1c45859aa97a4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438ccc-923c"
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 10 Mar 2022 10:25:40 GMT
style.css
ba.giextensions.net/donation/assets/css/
17 KB
4 KB
Stylesheet
General
Full URL
https://ba.giextensions.net/donation/assets/css/style.css
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e3aad385e71597902b96534244f25322a6cc188bf6ad4b895d46e22bd4a93c60

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Tue, 01 Mar 2022 21:33:16 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"621e911c-428b"
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 10 Mar 2022 10:25:40 GMT
logo-xl.svg
ba.giextensions.net/donation/media/general/
12 KB
12 KB
Image
General
Full URL
https://ba.giextensions.net/donation/media/general/logo-xl.svg
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b9191c07bde8530ce0311665b173da99abc0e9ef01e7f9fb6227c090fab5d6c1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"6216a0b8-2e9e"
last-modified
Wed, 23 Feb 2022 21:01:44 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/svg+xml
cache-control
max-age=5
accept-ranges
bytes
content-length
11934
expires
Thu, 03 Mar 2022 10:25:45 GMT
banner.png
ba.giextensions.net/donation/assets/img/
323 KB
324 KB
Image
General
Full URL
https://ba.giextensions.net/donation/assets/img/banner.png
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
7ea146bca803b604d6c336eb89d53f2966850531a4944884e961e6d2bdf082b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cce-50da5"
last-modified
Thu, 16 Sep 2021 18:28:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
331173
expires
Sat, 02 Apr 2022 10:25:40 GMT
logoFtr.png
ba.giextensions.net/donation/assets/img/
7 KB
7 KB
Image
General
Full URL
https://ba.giextensions.net/donation/assets/img/logoFtr.png
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
210556161666ac5ad54aad5e1488f14ee0320da285c88173721299bae022f518

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cce-1cc5"
last-modified
Thu, 16 Sep 2021 18:28:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7365
expires
Sat, 02 Apr 2022 10:25:40 GMT
jquery.min.js
ba.giextensions.net/donation/assets/js/
87 KB
30 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/jquery.min.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
80f04717f32ea0320c5e8618fbacedd1fee3a8775ad8292140a6113551d4b5b0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438cd0-15d9c"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
popper.min.js
ba.giextensions.net/donation/assets/js/
21 KB
7 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/popper.min.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438cd0-5309"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
bootstrap.min.js
ba.giextensions.net/donation/assets/js/
59 KB
14 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/bootstrap.min.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
79c599dd760cec0c1621a1af49d9a2a49da5d45e1b37d4575bace0a5e0226582

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438cd0-ea8c"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
jquery.validate.js
ba.giextensions.net/donation/assets/js/
50 KB
13 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/jquery.validate.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2553eb901c3a1ef665fcf8f728a69da7f714fd7b7a472d1f252b878cf6d02b70

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438cd0-c6ff"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
slib.js
ba.giextensions.net/donation/assets/js/
14 KB
5 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/slib.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c9459a9e11e4c63fb7a30d2a644e80b733fc9599302ef3da8142cbe8f9d9333d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438cd0-3621"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
jquery.maskedinput.min.js
ba.giextensions.net/donation/assets/js/
8 KB
3 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/jquery.maskedinput.min.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
d76519645ff1cb534fb5bacf5f1554d4e39c38d27ac639965ae5ae31568fad9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:32 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438cd0-209a"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
single-steps-data.js
ba.giextensions.net/donation/assets/cms-data/
2 KB
1 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/cms-data/single-steps-data.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
05b72f35dca3848a20dff76634cba9d5abfda1b06c4c6016a5cf5d989bcac5c3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Mon, 28 Feb 2022 20:45:48 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"621d347c-72e"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
monthly-steps-data.js
ba.giextensions.net/donation/assets/cms-data/
2 KB
937 B
Script
General
Full URL
https://ba.giextensions.net/donation/assets/cms-data/monthly-steps-data.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
02875e14b7e1c2408df57b1e0544ecdf2f17569d4d8f5c840445497f99a12442

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438ccc-655"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
general-data.js
ba.giextensions.net/donation/assets/cms-data/
794 B
723 B
Script
General
Full URL
https://ba.giextensions.net/donation/assets/cms-data/general-data.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1cd24b73e6492b2620b2d2ff479e92ace318248752d970b6877c0827b5d830b1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
gzip
etag
"31a-5d91977bf7880-gzip"
last-modified
Mon, 28 Feb 2022 19:58:10 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
447
expires
Sat, 05 Mar 2022 22:25:40 GMT
form-data.js
ba.giextensions.net/donation/assets/cms-data/
1 KB
688 B
Script
General
Full URL
https://ba.giextensions.net/donation/assets/cms-data/form-data.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3f056d0e71303b74c994b778b900abdfc71376070444601eb7c67cb4bf9d5158

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Fri, 25 Feb 2022 22:09:52 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"621953b0-5c5"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
error-data.js
ba.giextensions.net/donation/assets/cms-data/
525 B
472 B
Script
General
Full URL
https://ba.giextensions.net/donation/assets/cms-data/error-data.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6a979555e7dd36c28cbb2737e4f48022a0330a17935789fb03c2d21a360d049b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
gzip
etag
"20d-5cc20fb23cb00-gzip"
last-modified
Thu, 16 Sep 2021 18:28:28 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
x-accel-version
0.01
cache-control
max-age=2592000, private
accept-ranges
bytes
content-length
197
expires
Sat, 05 Mar 2022 22:25:40 GMT
custom.js
ba.giextensions.net/donation/assets/js/
61 KB
11 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/custom.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
bbeb53e375dda712fab54e13c235110ceca4212c1186907baee6ce0806ab9115

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Mon, 28 Feb 2022 20:29:38 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"621d30b2-f2db"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
funds.js
ba.giextensions.net/donation/assets/js/
4 KB
1 KB
Script
General
Full URL
https://ba.giextensions.net/donation/assets/js/funds.js
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
733436b560233ed2eb49dc43c8cb75e025adbf7707642097b9a9077600ba2adf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Mon, 28 Feb 2022 18:55:04 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"621d1a88-f85"
content-type
application/javascript
cache-control
max-age=2592000, private
expires
Sat, 05 Mar 2022 22:25:40 GMT
css2
fonts.googleapis.com/
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;500;600;700;800;900&display=swap
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f75b85d30854599da1a453ce082759aef6461c90e7c7219e7da28068bb254741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 10:25:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 03 Mar 2022 10:25:40 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 03 Mar 2022 10:25:40 GMT
fonts.css
ba.giextensions.net/donation/assets/css/
2 KB
474 B
Stylesheet
General
Full URL
https://ba.giextensions.net/donation/assets/css/fonts.css
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6e064a015d8abe0b9689237e825713aebe3a79993bc1e010d96405395a23137f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/assets/css/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
br
last-modified
Thu, 16 Sep 2021 18:28:28 GMT
server
nginx
x-powered-by
PleskLin
etag
W/"61438ccc-7c8"
content-type
text/css
cache-control
max-age=2592000, public
expires
Thu, 10 Mar 2022 10:25:40 GMT
fontawesome-webfont.woff2
ba.giextensions.net/donation/assets/fonts/
75 KB
76 KB
Font
General
Full URL
https://ba.giextensions.net/donation/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/css/font-awesome.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://ba.giextensions.net/donation/assets/css/font-awesome.css
Origin
https://ba.giextensions.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cce-12d68"
last-modified
Thu, 16 Sep 2021 18:28:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
font/woff2
cache-control
max-age=5
accept-ranges
bytes
content-length
77160
expires
Thu, 03 Mar 2022 10:25:45 GMT
Geogrotesque-Regular.otf
ba.giextensions.net/donation/assets/fonts/
51 KB
51 KB
Font
General
Full URL
https://ba.giextensions.net/donation/assets/fonts/Geogrotesque-Regular.otf
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
838d4b3beeb364da576ad1bdd252b76f24aecbf56f41e6158e41eed8d9d95290

Request headers

Referer
https://ba.giextensions.net/donation/assets/css/fonts.css
Origin
https://ba.giextensions.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cce-ca58"
last-modified
Thu, 16 Sep 2021 18:28:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/vnd.oasis.opendocument.formula-template
cache-control
max-age=5
accept-ranges
bytes
content-length
51800
expires
Thu, 03 Mar 2022 10:25:45 GMT
get_funds.php
ba.giextensions.net/donation/web_services/
2 B
316 B
XHR
General
Full URL
https://ba.giextensions.net/donation/web_services/get_funds.php?type=monthly_funds&_=1646303142683
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.28, PleskLin
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ba.giextensions.net/donation/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.28, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-length
22
expires
Thu, 19 Nov 1981 08:52:00 GMT
get_funds.php
ba.giextensions.net/donation/web_services/
430 B
467 B
XHR
General
Full URL
https://ba.giextensions.net/donation/web_services/get_funds.php?type=single_funds&_=1646303142684
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.28, PleskLin
Resource Hash
8b912c430e75fa05f3cb382bd10902014fa1751caa2362ba4cb08d287a1f1282

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ba.giextensions.net/donation/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.28, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate
content-length
172
expires
Thu, 19 Nov 1981 08:52:00 GMT
get_all_fund_values.php
ba.giextensions.net/donation/web_services/
1 KB
402 B
XHR
General
Full URL
https://ba.giextensions.net/donation/web_services/get_all_fund_values.php?type=single&_=1646303142685
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.28, PleskLin
Resource Hash
d5c658cfd836143869fb0233f54ae445590c884fce4c6e73bee30eff1fa3431e

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ba.giextensions.net/donation/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.28, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-length
225
expires
Thu, 03 Mar 2022 10:35:40 GMT
get_all_fund_values.php
ba.giextensions.net/donation/web_services/
156 B
321 B
XHR
General
Full URL
https://ba.giextensions.net/donation/web_services/get_all_fund_values.php?type=monthly&_=1646303142686
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/js/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PHP/7.4.28, PleskLin
Resource Hash
f40c9c6d255762a678930a3bbb0d141b0c1c49b350bca0c9934f7dcebe83f7d9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ba.giextensions.net/donation/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
content-encoding
gzip
server
nginx
x-powered-by
PHP/7.4.28, PleskLin
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-length
144
expires
Thu, 03 Mar 2022 10:35:40 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/
30 KB
31 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba.giextensions.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 11:55:47 GMT
x-content-type-options
nosniff
age
167393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:59 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 01 Mar 2023 11:55:47 GMT
Geogrotesque-Bold.otf
ba.giextensions.net/donation/assets/fonts/
49 KB
49 KB
Font
General
Full URL
https://ba.giextensions.net/donation/assets/fonts/Geogrotesque-Bold.otf
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
50c2e911830f1c57b9bc3176701178aa384b46345ebc57803928e2808808c0a8

Request headers

Referer
https://ba.giextensions.net/donation/assets/css/fonts.css
Origin
https://ba.giextensions.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cce-c428"
last-modified
Thu, 16 Sep 2021 18:28:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/vnd.oasis.opendocument.formula-template
cache-control
max-age=5
accept-ranges
bytes
content-length
50216
expires
Thu, 03 Mar 2022 10:25:45 GMT
JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v23/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ba.giextensions.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 07:18:12 GMT
x-content-type-options
nosniff
age
97648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25088
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:11:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 02 Mar 2023 07:18:12 GMT
banner.webp
ba.giextensions.net/donation/media/general/
214 KB
215 KB
Image
General
Full URL
https://ba.giextensions.net/donation/media/general/banner.webp
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8f4ecf84d5a7a6c149a9deb19ea3c13bc07a21ee613c19ce8fcbdd7cbe9ab591

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cc8-3591e"
last-modified
Thu, 16 Sep 2021 18:28:24 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/webp
cache-control
max-age=5
accept-ranges
bytes
content-length
219422
expires
Thu, 03 Mar 2022 10:25:45 GMT
logoFtr.png
ba.giextensions.net/donation/media/general/
7 KB
7 KB
Image
General
Full URL
https://ba.giextensions.net/donation/media/general/logoFtr.png
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
210556161666ac5ad54aad5e1488f14ee0320da285c88173721299bae022f518

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ba.giextensions.net/donation/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cc8-1cc5"
last-modified
Thu, 16 Sep 2021 18:28:24 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
cache-control
max-age=2592000, public
accept-ranges
bytes
content-length
7365
expires
Sat, 02 Apr 2022 10:25:40 GMT
Geogrotesque-Medium.otf
ba.giextensions.net/donation/assets/fonts/
50 KB
50 KB
Font
General
Full URL
https://ba.giextensions.net/donation/assets/fonts/Geogrotesque-Medium.otf
Requested by
Host: ba.giextensions.net
URL: https://ba.giextensions.net/donation/assets/css/fonts.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.249.121.202 , United Kingdom, ASN20860 (IOMART-AS, GB),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b67d5159890dd750f02201470894aef7200a9790a27f3151d20556e38a03a961

Request headers

Referer
https://ba.giextensions.net/donation/assets/css/fonts.css
Origin
https://ba.giextensions.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 10:25:40 GMT
etag
"61438cce-c840"
last-modified
Thu, 16 Sep 2021 18:28:30 GMT
server
nginx
x-powered-by
PleskLin
content-type
application/vnd.oasis.opendocument.formula-template
cache-control
max-age=5
accept-ranges
bytes
content-length
51264
expires
Thu, 03 Mar 2022 10:25:45 GMT

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| $ function| jQuery function| Popper object| bootstrap object| $jscomp string| FundTextHeading1Single string| FundTextHeading2Single string| fundValueDynamicTextSingle string| addDonateButtonTextSingle string| otherAmountTxtSingle string| enterAmountTxtSingle string| addMoretxtSingle string| fundrequirederrorSingle string| amountrequirederrorSingle string| giftAidLabelTxtSingle string| taxPayerTxtSingle string| agreementTxtSingle string| step4HeadingTxt1Single string| step4HeadingTxt2Single string| KITTxtSingle string| contactTxtSingle string| step5HeadingTxtSingle string| step5totalDonation string| cartHeading string| cartTotalTxt string| FundTextHeading1Monthly string| FundTextHeading2Monthly string| fundValueDynamicTextMonthly string| otherAmountTxtMonthly string| fundrequirederrorMonthly string| amountrequirederrorMonthly string| giftAidLabelTxtMonthly string| taxPayerTxtMonthly string| agreementTxtMonthly string| step4HeadingTxt1Monthly string| step4HeadingTxt2Monthly string| KITTxtMonthly string| contactTxtMonthly string| step5HeadingTxtMonthly string| step5totalDonationMonthly string| baseurl string| currency string| logo_img string| fav_img string| step1Heading string| step1Text string| step2Text string| step3Text string| step4Text string| singleButtonTxt string| monthlyButtonTxt string| nextButtonTxt string| backButtonTxt string| donateButtonTxt string| copyRightTxt string| step1BannerImage string| giftAidImage string| footerImage string| TitleLabelSingle string| SingleFormTitleOption1 string| SingleFormTitleOption2 string| SingleFormTitleOption3 string| SingleFormTitleOption4 string| FirstNameLabelSingle string| FirstNamePlaceholderSingle string| LastNameLabelSingle string| LastNamePlaceholderSingle string| EmailSingleLabel string| EmailSinglePlaceHolder string| ContactSingleLabel string| ContactSinglePlaceHolder string| PostCodeSingleLabel string| PostCodeSinglePlaceHolder 
string| AddressSingleLabel string| AddressSinglePlaceHolder string| Address2SingleLabel string| Address2SinglePlaceHolder string| CityFieldLabelSingle string| CitySinglePlaceHolder string| CountryFieldLabelSingle string| searchAddressLabel string| placholderSearchAddressTxt string| selectAboutLabelTxt string| KITEmailLabelTxt string| KITTeleLabelTxt string| KITSMSLabelTxt string| labelAccHoldNameTxt string| labelAccNumTxt string| labelSortCodeTxt string| labelPaymentDateTxt string| titleError string| firstNameError string| lastNameError string| emailError string| address1Error string| postcodeError string| cityError string| accountHolderNameError string| accountNumberError string| sortCodeError string| selectedid string| selectedAmount string| selectedreasontext string| orphanFundID string| generalMediaPath undefined| dtype object| cart boolean| isShowed undefined| popupLength boolean| addressFound object| errorMsg function| getSingleProductsTemplate function| setCart function| addToCart function| deleteCartItem function| setGiftAidSingle function| getSinglePaymentTemplate function| hideLoader function| beginReguest function| submitOneOff function| singleUserStep function| removeRequiredOnStep2 function| setSingleTemplate function| getMonthlyProductsTemplate function| submitMonthly function| setCartMonthly function| setGiftAidMonthly function| setPayment function| getMonthlyPaymentTemplate function| beginRecursion function| monthlyUserStep function| setMonthlyTemplate function| getFundsValues function| defaultSelectedAmount function| getTotalAmount function| setTaxPayer function| setUserInfo function| setUserStep function| setPopup function| getPopupData undefined| postcode undefined| addresses boolean| isAdded function| stepsDisable function| getAddresses function| retrieveAddress function| unsetUserInfo function| generateTransFeeText function| redirect function| populateGeneralFieldsData function| enc_data function| loadOrphan function| getCookie function| 
createTokenElement function| generateOptionsForTitle function| ValidateAlpha function| wordPressSetCart object| objFunds

1 Cookies

Domain/Path Name / Value
ba.giextensions.net/ Name: PHPSESSID
Value: iveoud4h7fae5miqmq8toa9j84

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
