xcdto.xyz Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response xcdto.xyz/	32 KB 5 KB	142ms 81ms	Document text/html	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2aafb0224b14ea9191e52ef71da636421dd1e5de6cee1a0fbe734c7a56063239 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language nl-NL,nl;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 72288a83bfb8bb77-FRA content-encoding br content-type text/html date Tue, 28 Jun 2022 18:38:43 GMT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" last-modified Sat, 18 Jun 2022 19:31:49 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eReddPLqO7zcCo%2BRx%2FbU2Rq8bOeDhvESPqBTuADvrc7D8zStrJcq%2BI8eIt5R4jDCpNJRDxY229%2BTt4tSn%2FcVhJONJcVYMQiQVyxbUIFT%2Fus0G13sxkVcvQn%2FOik9%2FWWELXdwpVXvopE%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	widget.js Show response helpukrainewinwidget.org/cdn/	18 KB 5 KB	93ms 27ms	Script application/javascript	164.90.232.210 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://helpukrainewinwidget.org/cdn/widget.js?type=one&position=top-left&layout=main Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 164.90.232.210 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software Netlify / Resource Hash f820a28eb376bf108bf9d2d65a24fa48398a1e008289cad9b0694bd8143a38d0 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers x-bb-except Cookie=__prerender_bypass,__next_preview_data x-nf-request-id 01G6NSQKQK6K8F5CD5554ZRA0K date Mon, 27 Jun 2022 17:15:50 GMT content-encoding gzip server Netlify age 91373 etag "f759c3a3ef94aa5ea76a9f12b9225f10-ssl-df" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=0, must-revalidate strict-transport-security max-age=31536000 accept-ranges bytes content-length 4651
GET H2	200	101368928.js Show response static.getclicky.com/	15 KB 6 KB	94ms 40ms	Script text/javascript	2606:4700::6810:a010 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.getclicky.com/101368928.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2606:4700::6810:a010 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f6cb1907df6d07581d2d4490527c6b1363b31d3b3eabbb8ca801187fdb3a067c Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding gzip cf-cache-status HIT last-modified Tue, 28 Jun 2022 10:57:52 GMT server cloudflare age 27651 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * expires Tue, 05 Jul 2022 10:57:52 GMT cache-control max-age=604800 cf-ray 72288a849ace9b77-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-proxy-cache MISS
GET H2	200	js Show response www.googletagmanager.com/gtag/	191 KB 69 KB	92ms 41ms	Script application/javascript	2a00:1450:4001:828::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1SZMMY0FKR Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash b3c987118b75d40e8e679c86bf9e3b89c06c121a3bf2644f52ec46d7042fc0f6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 70140 x-xss-protection 0 expires Tue, 28 Jun 2022 18:38:44 GMT
GET H2	200	bootstrap.min.css cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/	158 KB 25 KB	92ms 36ms	Stylesheet text/css	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 796 x-jsd-version 4.6.0 x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19164-FRA, cache-itm18841-ITM timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6LvXrJAFGILoZX2XFHMvEPFSaUq72%2BNvifnoT6Tv6WfE7Fc547AA4sbCV1QrSFg5ypmkOf1vW02B%2FPPK8tXJzqrspDqfkCPF%2FuB9deq%2B4g9J5NxcnHPXPWFya7q8GJ2ir1jr%2BMGfkJD09ZX89aw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 72288a849a29bbeb-FRA access-control-expose-headers *
GET H2	200	main.css xcdto.xyz/	4 KB 2 KB	90ms 89ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xcdto.xyz/main.css Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60198749a0eb7523f820477e5471d32d2d0ef37c1ad269447dbf5186928cfe74 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding br cf-cache-status MISS last-modified Sat, 09 Apr 2022 14:57:42 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaDSkpONRZPATDfFkHu1BNq%2FZUQ1F3QnO9UsZ4%2Fe0T3wwl0HWZvylXy3uS1FAVubI%2BIuDXW4OXQakYJF9Zh96CLeVHeE%2FaOruyR8LMxgGR1rDMcrQBPNncAbA9pOM%2BaIOdBGd%2BVjEWk%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 72288a8448eebb77-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	style.css xcdto.xyz/	982 B 678 B	80ms 79ms	Stylesheet text/css	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xcdto.xyz/style.css Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f7d11aa26f372db4659a3ed8524d42ee9f7aac54a7a0b349f56c5fb2e08d2423 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding br cf-cache-status MISS last-modified Sat, 09 Apr 2022 14:38:46 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99Kx5sbcZo23OnBlBzAxdOsrwJeykKLkskwdmd3af4x0wkIA9xzD74vrGJ62Ib2wyJmUVaFIYH1wIQTj7cV3KHHnSt5lktrakoxxdRcJB2258kmwsukIrkZ9ETWcWZXHm7w%2BhbWKvnQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 72288a8448f0bb77-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	873100a608.js Show response kit.fontawesome.com/	11 KB 4 KB	89ms 41ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/873100a608.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 924e516b5b606b4383304f16407e88d962f59f1281ee5ed46b22adf52d38cd18 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=60, public, must-revalidate strict-transport-security max-age=31536000; preload cf-ray 72288a849c4d923b-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id Fvy6cdY250HvnpOgTXxB
GET H2	200	jquery-3.5.1.slim.min.js Show response code.jquery.com/	71 KB 24 KB	58ms 20ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.5.1.slim.min.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding gzip last-modified Wed, 16 Feb 2022 10:50:39 GMT server nginx etag W/"620cd6ff-11abc" vary Accept-Encoding x-hw 1656441523.dop009.am5.t,1656441523.cds237.am5.hn,1656441523.cds110.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 24606
GET H2	200	bootstrap.bundle.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/	82 KB 22 KB	73ms 34ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 473318 x-jsd-version 4.6.0 x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19122-FRA, cache-cdg20745-CDG timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5EN%2FC2ingMROk2eeNrSjBL7%2FwavVvodpS8ZCLKTT4PsAvekSWu9kDTZDplf8RIH7wV8I899%2BwdMFCwcOJkq4z4J4nRUHPv3F7UjerJM2piy%2B8B5crb1PnVQETgYTY0n4an1A6utwzd9Gg1iqe9Y%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 72288a84aa2fbbeb-FRA access-control-expose-headers *
GET H2	200	popper.min.js Show response cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/	21 KB 8 KB	71ms 31ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 473427 x-jsd-version 1.16.1 x-cache HIT, HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19146-FRA, cache-itm18840-ITM timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wrCR27m3EKQ%2BQkf6YAzz6TuOm9d5DhoPlVy2o0tXw9rmrKR8zULm0dnU6wSpAWY90v0ZhBzf1L%2B9we4TUyNgPilIX1C75xT%2BUSIMaT1KWXJTgLWn5xmvCeF7DzbQnpUqed7JLZvlL1x1m8FEKDM%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 72288a84aa2dbbeb-FRA
GET H2	200	bootstrap.min.js Show response cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/	62 KB 16 KB	71ms 32ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:43 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 8587019 x-jsd-version 4.6.0 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19142-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tuB1eI%2BWkws0Hc45%2B8qjsSO8YjLODgePMra2q5E3ZIjcFga5M1fPScF0Q9GO7LAIRwnw20r9IOAWlEH2ctaMHLKCJNEUHRu2oPTUq0M6Z1m0wBMi3gDFqExLGdOPh9l0lvOXJBEaOSAvrPgj%2Fk0%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 72288a84aa32bbeb-FRA
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	59 KB 13 KB	86ms 40ms	Fetch text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=873100a608 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/873100a608.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT via 1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BpezlAjRELAu9IUZ%2FJDJMv3tWRIgagenrpgT0%2FtcC0a0%2FFHqp8nMphsX7nFH9hCER1M9WEYUn9ZlE63Yr0f66n6am%2FDX%2FdR9dENco1O%2BOBH9ZkhUzCzTsIsfEShRjOUV1jxpXJVkKUzUOQvOjdJjy7jCA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 72288a854d838fe0-FRA access-control-allow-headers fa-kit-token x-amz-cf-id cJfrM9oiCu_w5WoT7O7Ap-8oE9LXeJhpga2jr9m05isPfqxHD9xJdg==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	26 KB 4 KB	90ms 44ms	Fetch text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=873100a608 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/873100a608.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT via 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"76f34b71fc9fb641507ff6a822cc07f5" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i72hGlWSNzwv5uUJJRLtqWzrxn1n6P87uqyUkA0Ku1p9eZpyiQBIs%2BLySrNAKHJjTOLTHAjM67Dw7hEoKutm9wzvScL2ngthVjm21ZJzyrBdlhDk5wHL2NThMECFjbg7NxRYdRA1GQ1BPIVFDYqtWdS8Ig%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 72288a854d868fe0-FRA access-control-allow-headers fa-kit-token x-amz-cf-id JPpHgHkhAZCYxcRW9-PAeu3UNm4iREbNK28Sgv0ayN7pFfvOS8UQLg==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v5.15.4/css/	3 KB 2 KB	84ms 39ms	Fetch text/css	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=873100a608 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/873100a608.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT via 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront) vary Accept-Encoding cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA2-C1 x-cache Hit from cloudfront access-control-allow-methods GET content-encoding br alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Wed, 04 Aug 2021 18:53:09 GMT server cloudflare etag W/"f2e0b2680d9b0bcb6e0039c4424e5a59" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" access-control-max-age 3000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krkzi4NRFfB1%2FRjkxgSUpY7rjCaijUeJGMG2YSREOvURVhnQBb8aakBlH7pJhlvrJ%2FaiBulkiONJ7wVLZbINmSKBV8BywSULRtypHufeD%2BPkS2HUvLMpKAvad%2FJ231aZVbeONbmargMgvfD4X7pSk4Vbvg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css access-control-allow-origin * cache-control max-age=31556926 cf-ray 72288a854d888fe0-FRA access-control-allow-headers fa-kit-token x-amz-cf-id IhOy63qY7gWhI4g9Q_2MzKpVgPHR4bsVyd_kUn7GGtjdi3-anP-0Gw==
GET H2	200	fuckadblock.min.js Show response cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/	5 KB 2 KB	85ms 38ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fuckadblock/3.2.1/fuckadblock.min.js Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2325731 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1309 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:19 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e6b-1285" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tii4jB4mgEVWzb0GfzgtrG4GnOAdMGP%2BozNHRfhfsfi9uyvASy%2BMKMLTLTEdJBkKox9rE3Hcp0E%2BzaMiwoOgoqa3wNw32Ouq0ad8HV4ybqq8e3drM00coUDQAttSitJiYIhKaYWzuWOuhFFgYykSsyb"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 72288a855bca5c20-FRA expires Sun, 18 Jun 2023 18:38:44 GMT
GET H3	200	Comfortaa-Medium.ttf xcdto.xyz/fonts/	137 KB 65 KB	150ms 150ms	Font font/ttf	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://xcdto.xyz/fonts/Comfortaa-Medium.ttf Requested by Host: xcdto.xyz URL: https://xcdto.xyz/main.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94b1e25a642c45bd45f9e3fa2f0992f9843dab5056c5dcff69fe2cce83361349 Request headers Referer https://xcdto.xyz/main.css Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT content-encoding br cf-cache-status MISS last-modified Sat, 09 Apr 2022 14:48:49 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w8Y3G6lVcd4zTSHsaQogm50rG2DewfF8GnPXhBUgeEftbXZ2fVRw7TnReYz3ij%2BnCbHpjoO6ZtnevNYo5Q58%2BFezxptnTuWX4hYoxyHlYY01bF0ODWdi1v3yHE0vNC8g0yo5xGUs2tU%3D"}],"group":"cf-nel","max_age":604800} content-type font/ttf cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 72288a851ea790a8-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	200 OK	script.js Show response analytics.helpukrainewinwidget.org/js/	1 KB 2 KB	317ms 99ms	Script application/javascript	54.234.148.88 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://analytics.helpukrainewinwidget.org/js/script.js Requested by Host: helpukrainewinwidget.org URL: https://helpukrainewinwidget.org/cdn/widget.js?type=one&position=top-left&layout=main Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.234.148.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-234-148-88.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 2b4c9f3b3f3bc15a6ce53e7c8b1f75dac771715e958271e08ff9cf2f0137191f Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 28 Jun 2022 18:38:44 GMT x-content-type-options nosniff Server nginx/1.18.0 (Ubuntu) Content-Type application/javascript access-control-allow-origin * cache-control public, max-age=86400, must-revalidate cross-origin-resource-policy cross-origin Connection keep-alive Content-Length 1335
GET H2	200	css2 fonts.googleapis.com/	6 KB 1 KB	55ms 23ms	Stylesheet text/css	2a00:1450:400e:803::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Requested by Host: client URL: about:client Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 28 Jun 2022 17:26:13 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 28 Jun 2022 18:38:44 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Jun 2022 18:38:44 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	83ms 28ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 08:45:42 GMT x-content-type-options nosniff age 35582 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 28 Jun 2023 08:45:42 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	73ms 22ms	Font font/woff2	2a00:1450:4001:831::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 27 Jun 2022 12:56:05 GMT x-content-type-options nosniff age 106959 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 27 Jun 2023 12:56:05 GMT
GET H3	200	free-fa-regular-400.woff2 ka-f.fontawesome.com/releases/v5.15.4/webfonts/	13 KB 14 KB	62ms 37ms	Font font/woff2	2a06:98c1:3121::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-regular-400.woff2 Requested by Host: xcdto.xyz URL: https://xcdto.xyz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b Request headers Referer https://xcdto.xyz/ Origin https://xcdto.xyz accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT via 1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA60-P2 x-cache Hit from cloudfront access-control-max-age 3000 access-control-allow-methods GET alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 13216 last-modified Wed, 04 Aug 2021 18:58:24 GMT server cloudflare etag "b8f1c6a3a94d42b082c29f0b1db8ba95" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P7GKU0pIQvScE8L2erH6ClK8u111Mfn0KiwtPtvgseB1LJFg8ExWiN8YNzlzcus1zOeisENvYyi5PXmxnHppNfEHO0PFOmjBWju9QPsVAszq1zbwHDx0XWPN7lHmDfnec0yNIWuAuDjAVj13ekYDmn8uxQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type font/woff2 access-control-allow-origin * cache-control max-age=31556926 accept-ranges bytes cf-ray 72288a85d8a2905e-FRA access-control-allow-headers fa-kit-token x-amz-cf-id yBCfMPn2ahoVa6aOG6x4lT1iLvaZ7-XOC8cKRf-3PmCK0IzylqKevw==
POST H2	204	collect region1.google-analytics.com/g/	0 343 B	55ms 18ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-1SZMMY0FKR&gtm=2oe6m0&_p=2059147155&_z=ccd.v9B&cid=2129153962.1656441524&ul=en-us&sr=1600x1200&_s=1&sid=1656441524&sct=1&seg=0&dl=https%3A%2F%2Fxcdto.xyz%2F&dt=X%CC%8E%CC%BAC%CD%9B%CD%AC%CD%8E%CC%99%CC%98%CD%8ED%CC%8E%CD%AD%CC%A1%CD%8D%CC%ADT%CD%97%CD%A9%CC%89%CD%89%CC%9D%CC%AC%CC%A9O%CD%9C%CC%A9%CC%A0%CC%A6%CC%A3%CD%87%CC%AC%20%F0%9F%8D%89&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1SZMMY0FKR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 28 Jun 2022 18:38:44 GMT server Golfe2 content-type text/plain access-control-allow-origin https://xcdto.xyz cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	in.php Show response in.getclicky.com/	222 B 400 B	461ms 154ms	Script text/javascript	198.145.13.11 DF-PTL01
General Check archive.org Show headers Download Go to Full URL https://in.getclicky.com/in.php?site_id=101368928&type=pageview&href=%2F&title=X%CC%8E%CC%BAC%CD%9B%CD%AC%CD%8E%CC%99%CC%98%CD%8ED%CC%8E%CD%AD%CC%A1%CD%8D%CC%ADT%CD%97%CD%A9%CC%89%CD%89%CC%9D%CC%AC%CC%A9O%CD%9C%CC%A9%CC%A0%CC%A6%CC%A3%CD%87%CC%AC%20%F0%9F%8D%89&res=1600x1200&lang=en-US&tz=Etc%2FUnknown&tc=&ck=1&mime=js&x=0.12029505818483832 Requested by Host: static.getclicky.com URL: https://static.getclicky.com/101368928.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 198.145.13.11 Sherwood, United States, ASN2044 (DF-PTL01, US), Reverse DNS getclicky.com Software nginx / Resource Hash 6c65cef7c2a351fa28f41446a0e34cb742db1819de8a93cfddbc6e9379ff09d3 Request headers accept-language nl-NL,nl;q=0.9 Referer https://xcdto.xyz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 28 Jun 2022 18:38:44 GMT content-encoding gzip server nginx vary Accept-Encoding, Accept-Encoding content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control no-cache, must-revalidate, post-check=0, pre-check=0 expires Mon, 26 Jul 1997 05:00:00 GMT
POST H/1.1	202 Accepted	event Show response analytics.helpukrainewinwidget.org/api/	2 B 372 B	299ms 101ms	XHR text/plain	54.234.148.88 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://analytics.helpukrainewinwidget.org/api/event Requested by Host: analytics.helpukrainewinwidget.org URL: https://analytics.helpukrainewinwidget.org/js/script.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.234.148.88 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-234-148-88.compute-1.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df Request headers Referer https://xcdto.xyz/ accept-language nl-NL,nl;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Content-Type text/plain Response headers Date Tue, 28 Jun 2022 18:38:44 GMT Server nginx/1.18.0 (Ubuntu) Content-Type text/plain; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true Connection keep-alive Content-Length 2 x-request-id Fvzcylg82Vln5bIAaFvi

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| gtag object| dataLayer object| clicky_obj object| clicky object| clicky_custom function| test object| clicky_site_ids object| _cgen object| _cgen_custom object| FontAwesomeKitConfig function| getRandomInt number| fucknum function| showFuckedVideo function| adBlockNotDetected function| adBlockDetected object| importFAB function| $ function| jQuery object| bootstrap function| Popper function| FuckAdBlock object| fuckAdBlock object| google_tag_manager function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| plausible string| _heatmaps_g2g_101368928

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.xcdto.xyz/	1970-01-20 21:38:33	Name: _ga_1SZMMY0FKR Value: GS1.1.1656441524.1.0.1656441524.0
			.xcdto.xyz/	1970-01-20 21:38:33	Name: _ga Value: GA1.1.2129153962.1656441524
			.xcdto.xyz/	1970-01-20 12:52:57	Name: _jsuid Value: 3188411329
			.xcdto.xyz/	1970-01-20 04:07:22	Name: _heatmaps_g2g_101368928 Value: yes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.helpukrainewinwidget.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
helpukrainewinwidget.org
in.getclicky.com
ka-f.fontawesome.com
kit.fontawesome.com
region1.google-analytics.com
static.getclicky.com
www.googletagmanager.com
xcdto.xyz
164.90.232.210
198.145.13.11
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
2606:4700::6810:5914
2606:4700::6810:a010
2606:4700::6811:190e
2606:4700::6812:1634
2a00:1450:4001:828::2008
2a00:1450:4001:831::2003
2a00:1450:400e:803::200a
2a06:98c1:3120::3
2a06:98c1:3121::3
54.234.148.88
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2aafb0224b14ea9191e52ef71da636421dd1e5de6cee1a0fbe734c7a56063239
2b4c9f3b3f3bc15a6ce53e7c8b1f75dac771715e958271e08ff9cf2f0137191f
48fb6f0d8ac464d95cbc2df3ffa7bf5066950898c5581f5133d0565abb7f706b
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
55d2ab860a7100b201e762c2046bc65a5d16236a0263dee3e95c711be581b345
60198749a0eb7523f820477e5471d32d2d0ef37c1ad269447dbf5186928cfe74
6c65cef7c2a351fa28f41446a0e34cb742db1819de8a93cfddbc6e9379ff09d3
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
924e516b5b606b4383304f16407e88d962f59f1281ee5ed46b22adf52d38cd18
94b1e25a642c45bd45f9e3fa2f0992f9843dab5056c5dcff69fe2cce83361349
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0212543cc5a4a0a31c1b5a9d1e8973261992116b4cfde3e7dfcf33b4e81a97b
b3c987118b75d40e8e679c86bf9e3b89c06c121a3bf2644f52ec46d7042fc0f6
c63c0a518fcd8243e365904eb4ec5162d2b6d066aa4f05027fb598089d73ebdc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6cb1907df6d07581d2d4490527c6b1363b31d3b3eabbb8ca801187fdb3a067c
f7d11aa26f372db4659a3ed8524d42ee9f7aac54a7a0b349f56c5fb2e08d2423
f820a28eb376bf108bf9d2d65a24fa48398a1e008289cad9b0694bd8143a38d0
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f