urlscan.io logo urlscan.io
SecurityTrails logo

events.merkos302.com Open in urlscan Pro
54.188.244.137  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.services.merkos302.com/
Effective URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3F...
Submission: On July 23 via automatic, source certstream-suspicious — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 13 domains to perform 31 HTTP transactions. The main IP is 54.188.244.137, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is events.merkos302.com.
TLS certificate: Issued by R10 on June 30th 2024. Valid for: 3 months.
This is the only time events.merkos302.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 54.188.244.137 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
9 172.67.139.119 13335 (CLOUDFLAR...)
1 1 104.19.222.11 13335 (CLOUDFLAR...)
3 104.19.223.11 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.195.249 396982 (GOOGLE-CL...)
31 13
8    54.188.244.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-244-137.us-west-2.compute.amazonaws.com
www.services.merkos302.com
events.merkos302.com
1    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:4400::ac40:93bc (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
2    2606:4700::6811:f6cb (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2607:f8b0:400c:c13::54 (Charleston, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
1    2a04:4e42:600::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    2607:f8b0:4006:821::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    104.19.222.11 (None, )

ASN13335 (CLOUDFLARENET, US)
chabadorg.clhosting.org
3    104.19.223.11 (None, )

ASN13335 (CLOUDFLARENET, US)
www.chabad.org
w2.chabad.org
1    2607:f8b0:4006:820::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2607:f8b0:4006:80e::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
o426802.ingest.sentry.io
Apex Domain
Subdomains		 Transfer
11 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 3618
ka-f.fontawesome.com — Cisco Umbrella Rank: 7493
194 KB
8 merkos302.com
www.services.merkos302.com
events.merkos302.com
115 KB
3 chabad.org
www.chabad.org — Cisco Umbrella Rank: 217110
w2.chabad.org — Cisco Umbrella Rank: 214093
89 KB
2 google.com
accounts.google.com — Cisco Umbrella Rank: 46
85 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1314
32 KB
1 sentry.io
o426802.ingest.sentry.io
340 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
1 gstatic.com
fonts.gstatic.com
19 KB
1 clhosting.org
chabadorg.clhosting.org
792 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
94 KB
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 6607
27 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 110
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 410
25 KB
31 13
Domain Requested by
9 ka-f.fontawesome.com kit.fontawesome.com
events.merkos302.com
browser.sentry-cdn.com
7 events.merkos302.com events.merkos302.com
2 www.chabad.org events.merkos302.com
chabadorg.clhosting.org
2 accounts.google.com events.merkos302.com
accounts.google.com
2 unpkg.com 1 redirects events.merkos302.com
2 kit.fontawesome.com events.merkos302.com
cteen-u
1 w2.chabad.org chabadorg.clhosting.org
1 o426802.ingest.sentry.io browser.sentry-cdn.com
1 www.google-analytics.com browser.sentry-cdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 chabadorg.clhosting.org 1 redirects
1 www.googletagmanager.com events.merkos302.com
1 browser.sentry-cdn.com events.merkos302.com
1 fonts.googleapis.com events.merkos302.com
1 cdn.jsdelivr.net events.merkos302.com
1 www.services.merkos302.com 1 redirects
31 16

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
Subject Issuer Validity Valid
anash.merkos302.com
R10		 2024-06-30 -
2024-09-28		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.fontawesome.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-04 -
2025-01-03		 a year crt.sh
accounts.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2		 2024-06-04 -
2025-07-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
ka-f.fontawesome.com
WE1		 2024-07-01 -
2024-09-29		 3 months crt.sh
*.gstatic.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
ingest.sentry.io
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-02 -
2024-12-02		 a year crt.sh
chabad.org
E5		 2024-06-24 -
2024-09-22		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Frame ID: 786C9ADE869AB01CF6E5556FFB2C6CDE
Requests: 30 HTTP requests in this frame

Frame: https://www.chabad.org/api/login?b5dc19fe-e0e4-4e80-b3f6-27ae440f4c91&viewId=1721724576657-993708-6456363577&idx=0&p=https&d=events.merkos302.com&viewStyle=button
Frame ID: 57AB914823F3C025DCA5EA356428C8AD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Merkos 302 Services Center

Page URL History Show full URLs

  1. https://www.services.merkos302.com/ HTTP 302
    https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

31
Requests

94 %
HTTPS

64 %
IPv6

13
Domains

16
Subdomains

13
IPs

2
Countries

680 kB
Transfer

1578 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.services.merkos302.com/ HTTP 302
    https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://unpkg.com/mithril/mithril.js HTTP 302
  • https://unpkg.com/mithril@2.2.2/mithril.js
Request Chain 14
  • https://chabadorg.clhosting.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91 HTTP 301
  • https://www.chabad.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91

31 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
events.merkos302.com/sso/
Redirect Chain
  • https://www.services.merkos302.com/
  • https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merk...
12 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache / PHP/7.2.34
Resource Hash
37f4af2f7cf09e939a1f852036f1a611f4f1967b752d5348348ef5cf8fe3e7f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jul 2024 08:49:34 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=16070400
Transfer-Encoding
chunked
Upgrade
h2,h2c
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
X-XSS-Protection
1; mode=block

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Upgrade, Keep-Alive
Content-Length
0
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Jul 2024 08:49:33 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=100
Location
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Pragma
no-cache
Server
Apache
Strict-Transport-Security
max-age=16070400
Upgrade
h2,h2c
X-Content-Type-Options
nosniff
X-Powered-By
PHP/7.2.34
X-XSS-Protection
1; mode=block
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.1/dist/css/bootstrap.min.css
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://events.merkos302.com/
Origin
https://events.merkos302.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 23 Jul 2024 08:49:34 GMT
x-content-type-options
nosniff
content-encoding
br
age
2973124
x-jsd-version
5.0.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25297
x-served-by
cache-fra-eddf8230087-FRA, cache-mia-kmia1760042-MIA
x-jsd-version-type
version
etag
W/"25fef-PDndyutgvrSms9Gt5O+JOaWK1Zo"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 Jul 2024 08:49:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 Jul 2024 06:53:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Jul 2024 08:49:34 GMT
0634a162a5.js
kit.fontawesome.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/0634a162a5.js
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb245eb105c46995520eae3b597a6241caf0cbfc33937c75ea44597fd01c723

Request headers

Referer
https://events.merkos302.com/
Origin
https://events.merkos302.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:34 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8a7a6aff9d665c81-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-K_GQHeQd1TgVICr7cB
mithril.js
unpkg.com/mithril@2.2.2/
Redirect Chain
  • https://unpkg.com/mithril/mithril.js
  • https://unpkg.com/mithril@2.2.2/mithril.js
74 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/mithril@2.2.2/mithril.js
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Server
2606:4700::6811:f6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032f87eebdaef124aa6a90fa8e4fad301689a7c1e3dd8058167d27c637e835c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:34 GMT
content-encoding
gzip
via
1.1 fly.io
cf-cache-status
HIT
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
12663370
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HQNZRQ9PP75RX9A26N0F9WRH-mia
server
cloudflare
etag
"1271f-4z8ahCf1tYv2nMRXDZu+MEz51JM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
8a7a6b009d7aa552-MIA

Redirect headers

date
Tue, 23 Jul 2024 08:49:34 GMT
content-encoding
br
via
1.1 fly.io
cf-cache-status
EXPIRED
fly-request-id
01J3FCG6YPMMBBE50T6JZP3K5Q-mia
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
cloudflare
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/mithril@2.2.2/mithril.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
8a7a6aff9d1da552-MIA
client
accounts.google.com/gsi/ 		221 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::54 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2ff641811265a923dbd739d36eb4d821c0f55af8dd3b58a512f01c4f82e1c5be
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gKDPB43Crav3C9CmPgMJXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-gKDPB43Crav3C9CmPgMJXg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 23 Jul 2024 08:49:35 GMT
general.css
events.merkos302.com/sso/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://events.merkos302.com/sso/css/general.css
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Referer
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Jul 2024 08:49:34 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
196
Content-Type
text/html; charset=iso-8859-1
bundle.tracing.min.js
browser.sentry-cdn.com/6.2.0/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
780f0884697fc454d3ad8268ad3c3af576fdb5c6f0de416bd94fe876e02fc1ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://events.merkos302.com/
Origin
https://events.merkos302.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Thu, 18 Feb 2021 10:45:48 GMT
server
Fastly
age
2151688
etag
"ac5595a66cd522d828ed261d398d810f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27852
expires
Wed, 25 Sep 2024 07:45:08 GMT
js
www.googletagmanager.com/gtag/ 		270 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KZCBPP31MB
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b9d764829f93ed1d3d039699c2ab529f697589f8e6f2b5b04e14912f089bee7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95444
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 Jul 2024 08:49:35 GMT
sso.dist.js
events.merkos302.com/static/ 		71 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.merkos302.com/static/sso.dist.js?v=1
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fd396411afa226f25959a4fd2415afcd9e088d8b78753c575a2e26f6e6348ee9
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Jul 2024 08:49:34 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Last-Modified
Tue, 08 Aug 2023 21:43:55 GMT
Server
Apache
ETag
"11ae9-602704279f072"
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
72425
X-XSS-Protection
1; mode=block
feedback.dist.js
events.merkos302.com/static/ 		11 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://events.merkos302.com/static/feedback.dist.js?v=1
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
fcf52b9521e6ecfbdfef5aed8782cc10180662ff3e7e37f414a2e26ca89363f8
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Jul 2024 08:49:34 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Last-Modified
Wed, 30 Nov 2022 16:45:48 GMT
Server
Apache
ETag
"2d84-5eeb2d6308cbe"
Upgrade
h2,h2c
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
Upgrade, Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11652
X-XSS-Protection
1; mode=block
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		94 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=0634a162a5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0634a162a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
via
1.1 2e9033da1cf7b64ac622ab535b39a266.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
server
cloudflare
etag
W/"4ca760f49cd8a14911c81e6c14328874"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2hh23xbTJkqOTkwOGPZChXyx7qW5%2B4gS5Ce8XTcR4ufP%2F0iGOWb3jaxGe2hWsbyb7%2BAVTJt0iOi5TZkf848FsinFHrJ8T1LCUD5J1je7gst%2FSe9lsXKykFzU4Tl0g3Jb408LbpL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efdb8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
l5Ohnks494mX16-sdFM5X9oLUbg54ci28kNDY9eQmDRNiipw9mo77g==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		27 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=0634a162a5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0634a162a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
via
1.1 639cc143f6b6769351df58109d6b2b18.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"5e5b0d8c7be5919570a305b6bc229a36"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ctb3SM3WQgkvTPfobAZeCoxQi56pUkuQaLNbxE505%2FOyE6Z5ITq2aG7D%2FTUHvFzm17BzYMefW%2FhOL%2B8Nw2BHinCLzmepCsCDnlnInkU4Tgtjytdhu91NmZwIhcznyqcBQ9rSd6kBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efde8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
kuhS_rcX83CiBF1qTUISS9Rm0DQbyDZqbfcxeYKCOUgHuyRVddUEFA==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		823 B
987 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=0634a162a5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0634a162a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
via
1.1 81148d596ccabdf71245563094108fbe.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"8972ae5004bc634ffa6641be3960e78a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RnZut%2BIHolqbM5TOQG8F37ls8bmvW4RANA9BpUZJrD5igsrNsN5xpgNCjbfujIyYVin%2BsAxyptGarIRYiTkyv8MO3bS2e7hNR9s%2FBLINFjUVfNrPtNGurAJjGRkZeuvJbYIf3Ak%2BpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efdd8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
q_o3o1GGjlq94O0jgdK3p2nEpzNBfpv7cO_QwelIakMT4Yig85acAA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=0634a162a5
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/0634a162a5.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
via
1.1 6c9274205f681e6532f5f293414b8d2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"a5a0c9048efb7cb5df90023064d09ba4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzxpRuGfItx334o2xvdEqreieAyS%2B9mBqmLdwkgWU9q268Qz13g70OGkOaVXPM47VBwd1QtwCn7Q%2F06Y51hcA3hyKMaTVB5kIu1GxBd2DJO1jI2EJHgc%2Bfk1jwR9QlcPNlzAMjh4PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efdc8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
trAgA7j0V9MK_JnCNHfG4URnChI7eBq9tZM1BODah3WxHfWNpkHefQ==
baseapi.js.asp
www.chabad.org/scripts/js/api/
Redirect Chain
  • https://chabadorg.clhosting.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91
  • https://www.chabad.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91
118 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.chabad.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H2
Server
104.19.223.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
867db2e50682668d0662a2f722569e800939d30231b53b6950f891439c99f8b5
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:36 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Tue, 23 Jul 2024 08:49:36 GMT
server
cloudflare
cf-cache-status
MISS
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private
accept-ranges
bytes
cf-ray
8a7a6b08af0d4c1f-MIA
content-length
48219

Redirect headers

date
Tue, 23 Jul 2024 08:49:35 GMT
strict-transport-security
max-age=86400
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
content-type
text/html; charset=utf-8
location
https://www.chabad.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91
cache-control
private, max-age=7200
cf-ray
8a7a6b063e83dad9-MIA
merkos-sso.png
events.merkos302.com/sso/ico/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.merkos302.com/sso/ico/merkos-sso.png
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
1fc1eec7a5c627055782980b5a952fbd0c2f3ebbfaac6c8cb9f29cf963c0dbd7
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Jul 2024 08:49:35 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Last-Modified
Wed, 09 Nov 2022 01:45:26 GMT
Server
Apache
ETag
"27c7-5ecffcf91c517"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
10183
X-XSS-Protection
1; mode=block
google.png
events.merkos302.com/sso/ico/ 		855 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.merkos302.com/sso/ico/google.png
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
23802c8fe0291ff5786bba08dcb43103c5638c33107c7093f95a8b578aedca3f
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Jul 2024 08:49:35 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Last-Modified
Wed, 09 Nov 2022 01:45:26 GMT
Server
Apache
ETag
"357-5ecffcf91c517"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
855
X-XSS-Protection
1; mode=block
0634a162a5.js
kit.fontawesome.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/0634a162a5.js
Requested by
Host: cteen-u
URL: webpack://cteen-u/./webapps/shared/utils/browser-utils.ts?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cb245eb105c46995520eae3b597a6241caf0cbfc33937c75ea44597fd01c723

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age
3000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
content-type
text/javascript
cache-control
max-age=60, public, stale-while-revalidate=30
cf-ray
8a7a6b04085d9af2-MIA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
F-K-XzX1JPIK2hYB1jZC
free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v6.6.0/webfonts/ 		154 KB
154 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/webfonts/free-fa-solid-900.woff2
Requested by
Host: events.merkos302.com
URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2

Request headers

Referer
https://events.merkos302.com/
Origin
https://events.merkos302.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
via
1.1 50d46662b214cb2923f288d3ad4f9dec.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
55495
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
157192
last-modified
Mon, 15 Jul 2024 22:44:08 GMT
server
cloudflare
etag
"76cf3ff0dbd23dd4504e2089f0df4acb"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47Ifh4bYd9IOqiuMBWwOoJplrfzTJ9xT%2FNrQuGm3zAhtW189gf2e4SOqkCjORRzhzoLPoJokYkeCltiEeggrXgTQDdnVu%2F3xLicUr3aPCoFrygySnZ4YaQWNlP2ngikSsd8KaKWTLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
8a7a6b03c85f8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
BJliwFY-ewEth4kl_rcS4ewLNYfGVpFXBV1B6fIz77ys4TCLsiEzjA==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://events.merkos302.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Wed, 17 Jul 2024 05:17:36 GMT
x-content-type-options
nosniff
age
531119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18668
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Jul 2025 05:17:36 GMT
style
accounts.google.com/gsi/ 		533 B
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c13::54 Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fYo8SkmedDvz79GW2ybfEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fYo8SkmedDvz79GW2ybfEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Tue, 23 Jul 2024 08:49:35 GMT
free.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		94 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free.min.css?token=0634a162a5
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
via
1.1 2e9033da1cf7b64ac622ab535b39a266.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:40 GMT
server
cloudflare
etag
W/"4ca760f49cd8a14911c81e6c14328874"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2hh23xbTJkqOTkwOGPZChXyx7qW5%2B4gS5Ce8XTcR4ufP%2F0iGOWb3jaxGe2hWsbyb7%2BAVTJt0iOi5TZkf848FsinFHrJ8T1LCUD5J1je7gst%2FSe9lsXKykFzU4Tl0g3Jb408LbpL%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efdb8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
l5Ohnks494mX16-sdFM5X9oLUbg54ci28kNDY9eQmDRNiipw9mo77g==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		27 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-shims.min.css?token=0634a162a5
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
via
1.1 639cc143f6b6769351df58109d6b2b18.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"5e5b0d8c7be5919570a305b6bc229a36"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Ctb3SM3WQgkvTPfobAZeCoxQi56pUkuQaLNbxE505%2FOyE6Z5ITq2aG7D%2FTUHvFzm17BzYMefW%2FhOL%2B8Nw2BHinCLzmepCsCDnlnInkU4Tgtjytdhu91NmZwIhcznyqcBQ9rSd6kBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efde8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
kuhS_rcX83CiBF1qTUISS9Rm0DQbyDZqbfcxeYKCOUgHuyRVddUEFA==
free-v5-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		823 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v5-font-face.min.css?token=0634a162a5
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
via
1.1 81148d596ccabdf71245563094108fbe.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"8972ae5004bc634ffa6641be3960e78a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RnZut%2BIHolqbM5TOQG8F37ls8bmvW4RANA9BpUZJrD5igsrNsN5xpgNCjbfujIyYVin%2BsAxyptGarIRYiTkyv8MO3bS2e7hNR9s%2FBLINFjUVfNrPtNGurAJjGRkZeuvJbYIf3Ak%2BpA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efdd8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
q_o3o1GGjlq94O0jgdK3p2nEpzNBfpv7cO_QwelIakMT4Yig85acAA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v6.6.0/css/ 		2 KB
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v6.6.0/css/free-v4-font-face.min.css?token=0634a162a5
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:35 GMT
content-encoding
gzip
via
1.1 6c9274205f681e6532f5f293414b8d2e.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MIA3-C3
age
576454
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 15 Jul 2024 22:20:39 GMT
server
cloudflare
etag
W/"a5a0c9048efb7cb5df90023064d09ba4"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lzxpRuGfItx334o2xvdEqreieAyS%2B9mBqmLdwkgWU9q268Qz13g70OGkOaVXPM47VBwd1QtwCn7Q%2F06Y51hcA3hyKMaTVB5kIu1GxBd2DJO1jI2EJHgc%2Bfk1jwR9QlcPNlzAMjh4PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31556926
vary
Accept-Encoding
cf-ray
8a7a6b01efdc8750-MIA
access-control-allow-headers
fa-kit-token
x-amz-cf-id
trAgA7j0V9MK_JnCNHfG4URnChI7eBq9tZM1BODah3WxHfWNpkHefQ==
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KZCBPP31MB&gtm=45je47h0v882138785za200&_p=1721724574972&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=0&cid=144171540.1721724576&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1721724575&sct=1&seg=0&dl=https%3A%2F%2Fevents.merkos302.com%2Fsso%2F%3Fredirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252Fapi.php%252Fauth%252Fmerkosauthv2sso%253Fcdochecked%253Dtrue%2526redirect_uri%253Dhttps%25253A%25252F%25252Fwww.services.merkos302.com%25252F%26state%3D%26require_login%3Dtrue&dt=Merkos%20302%20Services%20Center&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2579&_z=fetch
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Jul 2024 08:49:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://events.merkos302.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
o426802.ingest.sentry.io/api/5370063/envelope/ 		41 B
340 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://o426802.ingest.sentry.io/api/5370063/envelope/?sentry_key=16accac3ae0d41fd955001a297cb9dd4&sentry_version=7
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.2.0/bundle.tracing.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.195.120.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7a8df9b51293115840e458f454e020041c7aeafc5e3869b4a09a94d732276357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 23 Jul 2024 08:49:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
server
nginx
vary
origin,access-control-request-method,access-control-request-headers
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
x-sentry-error,x-sentry-rate-limits,retry-after
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41
jquery-latest.min.js
w2.chabad.org/scripts/js/os/ 		96 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w2.chabad.org/scripts/js/os/jquery-latest.min.js
Requested by
Host: chabadorg.clhosting.org
URL: https://chabadorg.clhosting.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.223.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ca1db2826eb9512f8c18add37528b1f248c66fa440889820c9954c8698ad5cd
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://events.merkos302.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 23 Jul 2024 08:49:36 GMT
content-encoding
gzip
strict-transport-security
max-age=86400
last-modified
Wed, 22 Nov 2023 16:40:09 GMT
server
cloudflare
cf-cache-status
HIT
age
12668335
etag
"adba5c8e621dda1:0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=31536000
accept-ranges
bytes
cf-ray
8a7a6b0bb8274c1f-MIA
content-length
41816
login
www.chabad.org/api/ Frame 57AB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.chabad.org/api/login?b5dc19fe-e0e4-4e80-b3f6-27ae440f4c91&viewId=1721724576657-993708-6456363577&idx=0&p=https&d=events.merkos302.com&viewStyle=button
Requested by
Host: chabadorg.clhosting.org
URL: https://chabadorg.clhosting.org/scripts/js/api/baseapi.js.asp?B5DC19FE-E0E4-4E80-B3F6-27AE440F4C91
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.223.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://events.merkos302.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
private
cf-cache-status
MISS
cf-ray
8a7a6b0ccbcaa698-MIA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 23 Jul 2024 08:49:36 GMT
last-modified
Tue, 23 Jul 2024 08:49:36 GMT
server
cloudflare
strict-transport-security
max-age=86400
vary
Accept-Encoding
favicon-32x32.png
events.merkos302.com/sso/favicon/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://events.merkos302.com/sso/favicon/favicon-32x32.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.188.244.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-188-244-137.us-west-2.compute.amazonaws.com
Software
Apache /
Resource Hash
16737959b541092ff5d1fed8f58df8db31e80e1289d521f1b759ed634d2f3825
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date
Tue, 23 Jul 2024 08:49:37 GMT
Strict-Transport-Security
max-age=16070400
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Last-Modified
Mon, 15 Aug 2022 03:49:47 GMT
Server
Apache
ETag
"963-5e63f85ec906a"
Content-Type
image/png
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
2403
X-XSS-Protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| FontAwesomeKitConfig function| m object| Sentry object| __SENTRY__ function| gtag object| dataLayer object| default_gsi object| _F_toggles object| google object| closure_lm_254117 object| __G_ID_CLIENT__ object| closure_lm_240211 object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| MyChabadApi object| q function| $j object| regeneratorRuntime object| Co object| Listeners function| jQuery boolean| DomLoaded

8 Cookies

Domain/Path Name / Value
www.services.merkos302.com/ Name: PHPSESSID
Value: kfqn1j1kqeromfbulg25f11u2j
events.merkos302.com/ Name: PHPSESSID
Value: tv702n9efmcid61cmt3s80p4m0
.merkos302.com/ Name: _ga
Value: GA1.1.144171540.1721724576
.merkos302.com/ Name: _ga_KZCBPP31MB
Value: GS1.1.1721724575.1.0.1721724575.0.0.0
.chabadorg.clhosting.org/ Name: __cf_bm
Value: Jky9XcdIkvn3C7QyqQK5856hQOAGLZhIhOsSS4s90Uw-1721724575-1.0.1.1-ugyz0worQ2WTQShvUVt2SysFrVu1whk4D278HLFROv18_v.DGC0yD_QielbXK_KGX5GTIN5zBuIGrpoxyUJ2dCxEXH3JeIFMkdKlEGDUuyw
.chabadorg.clhosting.org/ Name: _cfuvid
Value: d1FHDs8kOF5qQIuJASRKYT_IizZg0qYn_rWmj0xO6I4-1721724575984-0.0.1.1-604800000
.chabad.org/ Name: _cfuvid
Value: d5LMo0z5C_8cANGXH4tyLJGk5nYJUjNa9zAudsIhFmo-1721724577007-0.0.1.1-604800000
.chabad.org/ Name: __cf_bm
Value: rTTXsI7zvzr1aKuUhwXghNbHENitC0cVaiIfJYaHatE-1721724577-1.0.1.1-b_EDUKfd2XLKoNWT04YOvjnJmuFc30ECwLj76rim9q2Sb3PdpcTQZY6HpuJmSY2Z66EbqM7xbFv3ETwu4DWM0xPtqum3nZxqU1LQ2wp4G.k

3 Console Messages

Source Level URL
Text
network error URL: https://events.merkos302.com/sso/css/general.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation verbose URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
other error URL: https://events.merkos302.com/sso/?redirect_uri=https%3A%2F%2Fwww.services.merkos302.com%2Fapi.php%2Fauth%2Fmerkosauthv2sso%3Fcdochecked%3Dtrue%26redirect_uri%3Dhttps%253A%252F%252Fwww.services.merkos302.com%252F&state=&require_login=true
Message:
Provider's accounts list is empty.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.jsdelivr.net *.chabad.org *.googleapis.com *.stripe.com *.merkos302.com www.googletagmanager.com www.google-analytics.com *.google.com *.youtube.com cdnjs.cloudflare.com/ajax/libs/Swiper/ *.fontawesome.com *.chabadoncall.com unpkg.com/mithril *.unpkg.com https: accounts.google.com js.stripe.com browser.sentry-cdn.com *.sentry.io *.bootstrapcdn.com 'unsafe-inline' 'unsafe-eval'; font-src 'self' data: *;img-src https: data:; style-src 'self' 'unsafe-inline' *.unpkg.com https: unpkg.com/swiper@8/swiper-bundle.min.js;
Strict-Transport-Security max-age=16070400
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
browser.sentry-cdn.com
cdn.jsdelivr.net
chabadorg.clhosting.org
events.merkos302.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
o426802.ingest.sentry.io
unpkg.com
w2.chabad.org
www.chabad.org
www.google-analytics.com
www.googletagmanager.com
www.services.merkos302.com
104.19.222.11
104.19.223.11
172.67.139.119
2606:4700:4400::ac40:93bc
2606:4700::6811:f6cb
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::200a
2607:f8b0:4006:820::2003
2607:f8b0:4006:821::2008
2607:f8b0:400c:c13::54
2a04:4e42:400::485
2a04:4e42:600::729
34.120.195.249
54.188.244.137
032f87eebdaef124aa6a90fa8e4fad301689a7c1e3dd8058167d27c637e835c1
16737959b541092ff5d1fed8f58df8db31e80e1289d521f1b759ed634d2f3825
1ae3c19265723696f50e3226dcd43fbc7ea617697e0d7169a8e52c854ae3826c
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1fc1eec7a5c627055782980b5a952fbd0c2f3ebbfaac6c8cb9f29cf963c0dbd7
23802c8fe0291ff5786bba08dcb43103c5638c33107c7093f95a8b578aedca3f
2ff641811265a923dbd739d36eb4d821c0f55af8dd3b58a512f01c4f82e1c5be
340e6d7f301471e307e50c2ed43fe45debc8ebbf24febef17b24f0b06f8883f2
37f4af2f7cf09e939a1f852036f1a611f4f1967b752d5348348ef5cf8fe3e7f3
780f0884697fc454d3ad8268ad3c3af576fdb5c6f0de416bd94fe876e02fc1ea
7a8df9b51293115840e458f454e020041c7aeafc5e3869b4a09a94d732276357
7ca1db2826eb9512f8c18add37528b1f248c66fa440889820c9954c8698ad5cd
7f264c31cdb355f351235359240c30acae2bbe0a43c73fa6a035123e6d953a01
847280dddfc7b6d0bc396dd2974f775bc0e866e7611c90e3fbe919628e8c2f30
867db2e50682668d0662a2f722569e800939d30231b53b6950f891439c99f8b5
9cb245eb105c46995520eae3b597a6241caf0cbfc33937c75ea44597fd01c723
b9d764829f93ed1d3d039699c2ab529f697589f8e6f2b5b04e14912f089bee7a
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
ddfbe9ee1f7088339a85fa25a259765ade4258c082a7921b9f569ff9616f904a
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f99c17690330c805c47da3d7592864d6acf0f73817d432447e1b0c66ad28f221
fcf52b9521e6ecfbdfef5aed8782cc10180662ff3e7e37f414a2e26ca89363f8
fd396411afa226f25959a4fd2415afcd9e088d8b78753c575a2e26f6e6348ee9