www.ncsc.org Open in urlscan Pro
203.82.24.114 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkI...
Effective URL:
https://www.ncsc.org/donate
Submission: On November 04 via manual (November 4th 2022, 3:01:19 am UTC) from US — Scanned from DE

Summary HTTP 62 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 16 IPs in 2 countries across 14 domains to perform 62 HTTP transactions. The main IP is 203.82.24.114, located in Sacramento, United States and belongs to SQUIZUS, GB. The main domain is www.ncsc.org.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 15th 2022. Valid for: a year.

This is the only time www.ncsc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2001:18c8:17f... 2001:18c8:17f:fc75::d186:90e5	8015 (VISI-AS) (VISI-AS)
1 15	203.82.24.114 203.82.24.114	202595 (SQUIZUS) (SQUIZUS)
5	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
5	2.16.241.96 2.16.241.96	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
11	99.86.4.119 99.86.4.119	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:f000:2:68c1:1040:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	209.160.102.255 209.160.102.255	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.190.25.25 35.190.25.25	15169 (GOOGLE) (GOOGLE)
62	16

1 2001:18c8:17f:fc75::d186:90e5 (United States)

ASN8015 (VISI-AS, US)

lnks.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 203.82.24.114 (Sacramento, United States) 1 redirects

ASN202595 (SQUIZUS, GB)
PTR: ncfsc-web01.sac1.squiz.cloud

ncsc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ncsc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.241.96 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-241-96.deploy.static.akamaitechnologies.com

www.dafdirect.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 99.86.4.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-119.fra6.r.cloudfront.net

sky.blackbaudcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:f000:2:68c1:1040:93a1 (United States)

ASN16509 (AMAZON-02, US)

host.nxt.blackbaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.160.102.255 (United States)

ASN16509 (AMAZON-02, US)

payments.blackbaud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.25.25 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 25.25.190.35.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	ncsc.org 1 redirects ncsc.org www.ncsc.org	259 KB
11	blackbaudcdn.net sky.blackbaudcdn.net — Cisco Umbrella Rank: 59681	797 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	269 KB
5	dafdirect.org www.dafdirect.org — Cisco Umbrella Rank: 931111	72 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	4 KB
4	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 4327	559 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	132 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1165	83 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97	20 KB
2	blackbaud.com host.nxt.blackbaud.com — Cisco Umbrella Rank: 163347 payments.blackbaud.com — Cisco Umbrella Rank: 39693	4 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 361	88 KB
1	google.com www.google.com — Cisco Umbrella Rank: 17	969 B
1	lnks.gd lnks.gd — Cisco Umbrella Rank: 71164	822 B
0	blackbaud.net Failed fms-pusa01.app.blackbaud.net Failed
62	14

	Domain	Requested by
14	www.ncsc.org	lnks.gd www.ncsc.org
11	sky.blackbaudcdn.net	www.ncsc.org host.nxt.blackbaud.com sky.blackbaudcdn.net
5	www.dafdirect.org	www.ncsc.org www.dafdirect.org
5	fonts.gstatic.com	fonts.googleapis.com
5	fonts.googleapis.com	www.ncsc.org sky.blackbaudcdn.net
4	api-js.mixpanel.com	sky.blackbaudcdn.net
3	www.googletagmanager.com	www.ncsc.org www.googletagmanager.com
2	maxcdn.bootstrapcdn.com	sky.blackbaudcdn.net maxcdn.bootstrapcdn.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdnjs.cloudflare.com	www.ncsc.org cdnjs.cloudflare.com
1	payments.blackbaud.com	host.nxt.blackbaud.com
1	host.nxt.blackbaud.com	sky.blackbaudcdn.net
1	www.gstatic.com	www.google.com
1	www.google.com	www.ncsc.org
1	ncsc.org	1 redirects
1	lnks.gd
0	fms-pusa01.app.blackbaud.net Failed	sky.blackbaudcdn.net
62	17

This site contains links to these domains. Also see Links.

Domain
cdm16501.contentdm.oclc.org
ncsc.contentdm.oclc.org
e-courts.org
www.linkedin.com
twitter.com
www.facebook.com
vimeo.com
pinterest.com

Subject Issuer	Validity	Valid
lnks.gd GoGetSSL RSA DV CA	`2022-07-07` - `2023-07-07`	a year	crt.sh
www.ncsc.org Go Daddy Secure Certificate Authority - G2	`2022-07-15` - `2023-06-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
akamai.cgf.fidelity.com Entrust Certification Authority - L1M	`2022-02-04` - `2023-03-03`	a year	crt.sh
sky.blackbaudcdn.net Amazon	`2022-08-09` - `2023-09-07`	a year	crt.sh
host.nxt.blackbaud.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
payments.blackbaud.com GeoTrust TLS RSA CA G1	`2022-03-07` - `2023-04-03`	a year	crt.sh
*.mixpanel.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-28` - `2023-04-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.ncsc.org/donate
Frame ID: E0100D0090027FAE2F9276BA25744715
Requests: 39 HTTP requests in this frame

Frame: https://host.nxt.blackbaud.com/donor-form?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&zone=usa&referral=https://lnks.gd/&bbeml=
Frame ID: 373C57A9BDFA28245FB9F057D60FCD45
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate | NCSC

Page URL History Show full URLs

https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGlja... Page URL
https://ncsc.org/donate HTTP 301
https://www.ncsc.org/donate Page URL

Detected technologies

Squiz Matrix (CMS) Expand

Overall confidence: 100%
Detected patterns

<!--\s+Running (?:MySource|Squiz) Matrix

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Handlebars (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

handlebars(?:\.runtime)?(?:-v([\d.]+?))?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Twitter typeahead.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:typeahead|bloodhound)\.(?:jquery|bundle)?(?:\.min)?\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

62
Requests

94 %
HTTPS

67 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

1731 kB
Transfer

6120 kB
Size

5
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://cdm16501.contentdm.oclc.org/digital/
Title: eCollection

Search URL Search Domain Scan URL

URL: https://ncsc.contentdm.oclc.org/digital/
Title: eCollection

Search URL Search Domain Scan URL

URL: https://e-courts.org/
Title: eCourts 2022

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/national-center-for-state-courts/
Title: Linkedin Link

Search URL Search Domain Scan URL

URL: https://twitter.com/statecourts
Title: Twitter Link

Search URL Search Domain Scan URL

URL: https://www.facebook.com/StateCourts/
Title: Facebook Link

Search URL Search Domain Scan URL

URL: https://vimeo.com/statecourts
Title: Vimeo Link

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.ncsc.org/donate
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.ncsc.org/donate
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/shareArticle?mini=true&url=https://www.ncsc.org/donate
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://pinterest.com/pin/create/button/?url=https://www.ncsc.org/donate
Title: Pinterest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjExMDEuNjU5OTc0MzEiLCJ1cmwiOiJodHRwczovL25jc2Mub3JnL2RvbmF0ZSJ9.00p8NtBQmMEcjSSttafx8HRp_1OGnO0IyQeWyNFVSSM/s/2923551925/br/147128636144-l Page URL
https://ncsc.org/donate HTTP 301
https://www.ncsc.org/donate Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK 147128636144-l
lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjExMDEuNjU5OTc0MzEiLCJ1cmwiOiJodHRwczovL25jc2Mub3JnL2RvbmF0ZSJ9.00p8NtBQmMEcjSSttafx8... 372 B
822 B 494ms
128ms Document
text/html 2001:18c8:17f:fc75::d186:90e5
VISI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjExMDEuNjU5OTc0MzEiLCJ1cmwiOiJodHRwczovL25jc2Mub3JnL2RvbmF0ZSJ9.00p8NtBQmMEcjSSttafx8HRp_1OGnO0IyQeWyNFVSSM/s/2923551925/br/147128636144-l

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2001:18c8:17f:fc75::d186:90e5 , United States, ASN8015 (VISI-AS, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Connection: close
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Nov 2022 03:01:10 GMT
ETag: W/"672b83cba61c5c176be9d4ce13273314"
Referer: lnks.gd
Referrer-Policy: origin
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Request-Id: f1cc99d0-a3c8-4761-a911-a9cc7fa6a072
X-Runtime: 0.005071
X-Served-By: prod-hyruleweb10.ep.gdi

GET
H/1.1

200
OK

Primary Request donate Show response
www.ncsc.org/
Redirect Chain

https://ncsc.org/donate
https://www.ncsc.org/donate

52 KB
9 KB

1446ms
757ms

Document
text/html

203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/donate

Requested by

Host: lnks.gd
URL: https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjExMDEuNjU5OTc0MzEiLCJ1cmwiOiJodHRwczovL25jc2Mub3JnL2RvbmF0ZSJ9.00p8NtBQmMEcjSSttafx8HRp_1OGnO0IyQeWyNFVSSM/s/2923551925/br/147128636144-l

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

9be1af390b156b5b09db0385f96f5450a92f955fb1e6132ef779d2273cf45cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lnks.gd/l/eyJhbGciOiJIUzI1NiJ9.eyJidWxsZXRpbl9saW5rX2lkIjoxMDIsInVyaSI6ImJwMjpjbGljayIsImJ1bGxldGluX2lkIjoiMjAyMjExMDEuNjU5OTc0MzEiLCJ1cmwiOiJodHRwczovL25jc2Mub3JnL2RvbmF0ZSJ9.00p8NtBQmMEcjSSttafx8HRp_1OGnO0IyQeWyNFVSSM/s/2923551925/br/147128636144-l
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Fri, 04 Nov 2022 03:01:12 GMT
Expires: Fri, 04 Nov 2022 03:04:32 GMT
Server: openresty
Transfer-Encoding: chunked
Vary: Accept-Encoding Accept-Encoding
Via: 1.1 ncfsc-web01.sac1.squiz.cloud
X-Cache: MISS from ncfsc-web01.sac1.squiz.cloud
X-Content-Type-Options: nosniff
X-Request-ID: 8249b6a5-ff2f-4a2e-9310-2be30716e09c
X-upgrade-enabled: off

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Fri, 04 Nov 2022 03:01:11 GMT
Location: https://www.ncsc.org/donate
Server: openresty

GET
H/1.1 200
OK main.css
www.ncsc.org/__data/assets/git_bridge/0020/587/dist/ 661 KB
76 KB 348ms
348ms Stylesheet
text/css 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/git_bridge/0020/587/dist/main.css?h=1746f0f

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

26989bbcfdf80aa7e9ac57acb932d61d822705e6e2798fa310235c0f5f340406

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Jun 2022 00:02:16 GMT
Server: openresty
ETag: W/"62b10a88-a55e0"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:13 GMT

GET
H/1.1 200
OK ncsc-adhoc.site.css
www.ncsc.org/_design/css/ 8 KB
3 KB 594ms
255ms Stylesheet
text/css 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/_design/css/ncsc-adhoc.site.css

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

2f535961e7f0a2e7086e25972085cbb91c0f9c9943d8aa5f85edb811ad505ae8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

X-upgrade-enabled: off
Via: 1.1 ncfsc-web01.sac1.squiz.cloud
X-Content-Type-Options: nosniff
Date: Fri, 04 Nov 2022 03:01:13 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
X-Cache: MISS from ncfsc-web01.sac1.squiz.cloud
Content-Type: text/css;charset=utf-8
Vary: Accept-Encoding
Cache-Control: private, max-age=0
Connection: keep-alive
X-Request-ID: 7808133a-2378-4199-8f83-dcb7ed6d06a8

GET
H/1.1 200
OK ncsc-overwrites.css
www.ncsc.org/_design/css/ 398 B
741 B 553ms
214ms Stylesheet
text/css 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/_design/css/ncsc-overwrites.css

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

3e6802422b7f920f64fb0a6ebeff1e60c0eb7bb25a7edb770f2b92042e2f81bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

X-upgrade-enabled: off
Via: 1.1 ncfsc-web01.sac1.squiz.cloud
X-Content-Type-Options: nosniff
Date: Fri, 04 Nov 2022 03:01:13 GMT
Content-Encoding: gzip
Server: openresty
Transfer-Encoding: chunked
X-Cache: MISS from ncfsc-web01.sac1.squiz.cloud
Content-Type: text/css;charset=utf-8
Vary: Accept-Encoding
Cache-Control: private, max-age=0
Connection: keep-alive
X-Request-ID: 56f73839-232a-4195-a6e0-e6eadbe1351e

GET
H/1.1 200
OK addthat.min.css
www.ncsc.org/__data/assets/css_file/0027/63774/ 2 KB
925 B 516ms
172ms Stylesheet
text/css 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/css_file/0027/63774/addthat.min.css

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

0aff3c44b652103cb97865aaac697bf34283a22548289b0ddd90474983705e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 May 2021 10:20:52 GMT
Server: openresty
ETag: W/"609a5a84-81a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 708 B
869 B 65ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&display=swap

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 01:08:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 03:01:13 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
605 B 66ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed18ff9c76e54c9c04d0f9f3461d5b8b233a33598d7cbe3c32339e0ca9c18561

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 02:15:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 03:01:13 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 58ms
23ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncsc.org/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 175980
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10491
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cy4q%2FisXOqgZowxU%2BQfGiM8A2YLeRL7zA7Ssn2ysx0BdlC2%2B2RlzTVcYKHv4M0xfyb6C3jsdkwinKNCOMPJc7ngt%2FwnXrivuZGY5R2QPFBSJhUboXwNaHJ3sHt6fBXkxPsWnzd%2BakXK8oPZEBKDesVu7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764a1a949b4ebbeb-FRA
expires: Wed, 25 Oct 2023 03:01:13 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
969 B 66ms
26ms Script
text/javascript 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d090129339f10606292a643f5489c78bc7fab0206d94a2c3f034811a5f63e6e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 1; mode=block
expires: Fri, 04 Nov 2022 03:01:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
713 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700&display=swap

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/__data/assets/git_bridge/0020/587/dist/main.css?h=1746f0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

003292faf5ebfcb57d457a372ff5b7bed1115cf537b757752035bb53c7260c3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:01:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 03:01:13 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
668 B 26ms
25ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,400i,500,600,600i,700,700i&display=swap

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/__data/assets/git_bridge/0020/587/dist/main.css?h=1746f0f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bca664416f93136ff22f898650b79c4f7525f3731a5473444e2bd5b445e83310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 03:01:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 03:01:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 121 KB
47 KB 68ms
29ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PBSXS86

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cc79948ec00621c51e9f70703439e0329481c10bc19bdf1eb533de4d52e37dc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 47840
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 03:01:13 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/ 400 KB
160 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ncsc.org/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 19:20:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163140
x-xss-protection: 0
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 03 Nov 2023 19:20:25 GMT

GET
H/1.1 200
OK logo-ncsc-text-seal.svg
www.ncsc.org/__data/assets/file/0015/1086/ 89 KB
34 KB 183ms
182ms Image
image/svg+xml 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncsc.org/__data/assets/file/0015/1086/logo-ncsc-text-seal.svg

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

6780ea9cde2e8bb180917f73745e6fb025d7f01ad17ccf61c837dc5d2cbe0b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Feb 2020 21:21:30 GMT
Server: openresty
ETag: W/"5e3c835a-163ff"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H2 200 u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 20 KB
20 KB 60ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 03:47:50 GMT
x-content-type-options: nosniff
age: 83604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20028
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 16:41:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 03:47:50 GMT

GET
H2 200 u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 19 KB
20 KB 55ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather:300,400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 20:08:59 GMT
x-content-type-options: nosniff
age: 197535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 20:08:59 GMT

GET
H/1.1 200
OK dafdirect4.js Show response
www.dafdirect.org/ddirect/ 9 KB
3 KB 964ms
603ms Script
application/javascript 2.16.241.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafdirect.org/ddirect/dafdirect4.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

6ce2154afb36144dfb2ce5ef67d82597dec68bdb239a50045f8c8a3db4bb954d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 04 Nov 2022 03:01:15 GMT
P3P: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid: https-www.dafdirect.org-8443
Connection: keep-alive
Content-Length: 2510
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
fsreqid: REQ6364807a27fdd62898aaa99b6769aa33
Last-Modified: Fri, 21 Oct 2022 00:55:07 GMT
Server: Apache
ETag: "23e9-5eb80e49ac9d1-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript; charset=iso-8859-1
fselapsedtime: 5165
Cache-Control: private, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H2 200 main.js Show response
sky.blackbaudcdn.net/static/donor-form-loader/1/ 1 KB
1 KB 693ms
430ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/donor-form-loader/1/main.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

d654ae64d74ca7289b94b2fda7959acc07a45dd91e65a4516bef5f1d6194d521

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 03:01:14 GMT
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
x-envoy-upstream-service-time: 23
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8D988E6F1E5FB45"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: nRKSzWkUGXzf-hmPkhgzM-OcONCcKXv7hyRP6ci_8kx34QPzCklVhQ==
expires: 0

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 63ms
35ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Libre+Franklin:300,400,400i,500,600,600i,700,700i&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 17:51:25 GMT
x-content-type-options: nosniff
age: 119389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 17:51:25 GMT

GET
H2 200 0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
fonts.gstatic.com/s/lora/v26/ 20 KB
20 KB 71ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:wght@500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b431449981e3a2d878ca298bb1f3a9a27066564ba259de2f46a909b4385c5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 01:15:56 GMT
x-content-type-options: nosniff
age: 265518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19976
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:04:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 01:15:56 GMT

GET
H/1.1 200
OK thomson-reuters-transparent.png
www.ncsc.org/__data/assets/image/0018/24381/ 12 KB
13 KB 170ms
170ms Image
image/png 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ncsc.org/__data/assets/image/0018/24381/thomson-reuters-transparent.png

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

71de49e8dc1c3155d4a440587d3983b65b812a27675a5f0c17bf40e66c6a3c87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Apr 2020 17:30:40 GMT
Server: openresty
ETag: "5ea32240-3179"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12665
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK runtime.js Show response
www.ncsc.org/__data/assets/git_bridge/0020/587/dist/js/ 1 KB
1 KB 181ms
179ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/git_bridge/0020/587/dist/js/runtime.js?h=1746f0f

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

052036b6d2b093261dc5c8ad785690b8fe0a348b61a82d0a52fad07105b0d0bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 21 Jun 2022 00:02:16 GMT
Server: openresty
ETag: W/"62b10a88-5cd"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK main.js Show response
www.ncsc.org/__data/assets/git_bridge/0020/587/dist/js/ 249 KB
81 KB 343ms
341ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/git_bridge/0020/587/dist/js/main.js?h=1746f0f

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

dadaf24c58d70e92e6c831bccf59efa995f93a0fdbf427738f0c8138ae53bec6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Jul 2022 06:41:33 GMT
Server: openresty
ETag: W/"62ce691d-3e315"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK addthat.min.js Show response
www.ncsc.org/__data/assets/js_file/0028/63775/ 2 KB
1 KB 174ms
172ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/js_file/0028/63775/addthat.min.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

3879104bef6c7ce50bd2fd83c1ff197e367cf0c3110eec1ab4abe508381a5007

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 14 Jun 2022 14:12:31 GMT
Server: openresty
ETag: W/"62a8974f-60a"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK ncsc-adhoc.site.js Show response
www.ncsc.org/__data/assets/js_file_folder/0013/20236/ 3 KB
1 KB 253ms
172ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/js_file_folder/0013/20236/ncsc-adhoc.site.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

80b00ccaed8b61dc4cfd4ba79c12a9a936631b2dbdd2c9bd5f8139621516f29b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Oct 2022 19:17:56 GMT
Server: openresty
ETag: W/"6345c164-c43"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK typeahead.bundle.min.js Show response
www.ncsc.org/__data/assets/js_file/0020/19811/ 39 KB
12 KB 342ms
252ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/js_file/0020/19811/typeahead.bundle.min.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Apr 2020 08:11:49 GMT
Server: openresty
ETag: W/"5e96c1c5-9b45"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK funnelback.autocompletion-2.6.1.min.js Show response
www.ncsc.org/__data/assets/js_file/0021/19812/ 15 KB
5 KB 177ms
173ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/js_file/0021/19812/funnelback.autocompletion-2.6.1.min.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

ac82aa097ea753b5bddcd4b7d18b8cfe3fe3ccad936c797be63100e04398e0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Apr 2020 08:11:49 GMT
Server: openresty
ETag: W/"5e96c1c5-3aeb"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H/1.1 200
OK handlebars.min.js Show response
www.ncsc.org/__data/assets/js_file/0022/19813/ 71 KB
22 KB 347ms
340ms Script
application/javascript 203.82.24.114
SQUIZUS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ncsc.org/__data/assets/js_file/0022/19813/handlebars.min.js

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.82.24.114 Sacramento, United States, ASN202595 (SQUIZUS, GB),

Reverse DNS

ncfsc-web01.sac1.squiz.cloud

Software

openresty /

Resource Hash

acc39238ce470f35443285594efdb5f3df912924d2818e5929f4df6a9eeadb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/donate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 03:01:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 15 Apr 2020 08:11:49 GMT
Server: openresty
ETag: W/"5e96c1c5-11ba6"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Sun, 04 Dec 2022 03:01:14 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 63ms
31ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3984542-4

Requested by

Host: www.ncsc.org
URL: https://www.ncsc.org/donate

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3528d6a5e22a6a2f0179b12e3a91ade131742d3f73f4fe30024b5396115b8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43554
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 03:01:14 GMT

GET
H/1.1 200
OK dafdirect1.1.css
www.dafdirect.org/ddirect/css/ 1 KB
1 KB 168ms
168ms Stylesheet
text/css 2.16.241.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dafdirect.org/ddirect/css/dafdirect1.1.css

Requested by

Host: www.dafdirect.org
URL: https://www.dafdirect.org/ddirect/dafdirect4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

85d48652088563db78dc71901ec0bd17706ededa3c475ee8a1323a1fef7c2163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 04 Nov 2022 03:01:15 GMT
P3P: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid: https-www.dafdirect.org-8443
Connection: keep-alive
Content-Length: 664
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
fsreqid: REQ6364807b01255206881dc6c55a3baa33
Last-Modified: Wed, 12 Oct 2022 02:28:08 GMT
Server: Apache
ETag: "556-5eacd24abfe00-gzip"
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding,User-Agent
Content-Type: text/css; charset=iso-8859-1
fselapsedtime: 3601
Cache-Control: private, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK logo-DAF-direct1.jpg
www.dafdirect.org/ddirect/images/ 61 KB
61 KB 258ms
227ms Image
image/jpeg 2.16.241.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafdirect.org/ddirect/images/logo-DAF-direct1.jpg

Requested by

Host: www.dafdirect.org
URL: https://www.dafdirect.org/ddirect/dafdirect4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8d04616f0170fc7ef6650fd52f499bd60260c2cf2da0907c1dccee972984ab70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 04 Nov 2022 03:01:15 GMT
X-Content-Type-Options: nosniff
P3P: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid: https-www.dafdirect.org-8443
Connection: keep-alive
Content-Length: 62156
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
fsreqid: REQ6364807b40fe4ecb9412ae3909e1aa33
Last-Modified: Wed, 12 Oct 2022 02:28:08 GMT
Server: Apache
ETag: "f2cc-5eacd24abfe00"
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg; charset=iso-8859-1
fselapsedtime: 4433
Cache-Control: private, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK button-next1.jpg
www.dafdirect.org/ddirect/images/ 3 KB
4 KB 382ms
352ms Image
image/jpeg 2.16.241.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafdirect.org/ddirect/images/button-next1.jpg

Requested by

Host: www.dafdirect.org
URL: https://www.dafdirect.org/ddirect/dafdirect4.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

1f5fbc80f8357075eee802f11635517a2b69b558c6491c22f6d21ec19e851fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 04 Nov 2022 03:01:15 GMT
X-Content-Type-Options: nosniff
P3P: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid: https-www.dafdirect.org-8443
Connection: keep-alive
Content-Length: 3149
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
fsreqid: REQ6364807bfd46b1c18cc88885473daa33
Last-Modified: Wed, 12 Oct 2022 02:28:08 GMT
Server: Apache
ETag: "c4d-5eacd24abfe00"
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg; charset=iso-8859-1
fselapsedtime: 3311
Cache-Control: private, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H/1.1 200
OK dropdownbg.gif
www.dafdirect.org/ddirect/css/images/ 1 KB
2 KB 148ms
148ms Image
image/gif 2.16.241.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dafdirect.org/ddirect/css/images/dropdownbg.gif

Requested by

Host: www.dafdirect.org
URL: https://www.dafdirect.org/ddirect/css/dafdirect1.1.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.16.241.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-241-96.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

30d589e0a97ef282c17f4d22e17ebf87914ae1956572c144ccc4ae1f06a156d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dafdirect.org/ddirect/css/dafdirect1.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Fri, 04 Nov 2022 03:01:15 GMT
X-Content-Type-Options: nosniff
P3P: CP="UNI DEM GOV FIN STA COM NAV PRE INT ONL CUR ADM DEV PSA PSD CUSi IVDi IVAi TELi CONi TAI OUR OTRi"
fscalleeid: https-www.dafdirect.org-8443
Connection: keep-alive
Content-Length: 1106
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
fsreqid: REQ6364807bfc2cc194929eafa25917aa33
Last-Modified: Wed, 12 Oct 2022 02:28:08 GMT
Server: Apache
ETag: "452-5eacd24abfe00"
Vary: User-Agent
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif; charset=iso-8859-1
fselapsedtime: 3499
Cache-Control: private, max-age=0, must-revalidate
Accept-Ranges: bytes
Expires: -1

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
23 KB 48ms
16ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 208441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 17:07:14 GMT

GET
H2 200 donor-form Show response
host.nxt.blackbaud.com/ Frame 373C 7 KB
3 KB 1801ms
786ms Document
text/html 2600:9000:2204:f000:2:68c1:1040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://host.nxt.blackbaud.com/donor-form?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&zone=usa&referral=https://lnks.gd/&bbeml=

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/donor-form-loader/1/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2204:f000:2:68c1:1040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3192ad94588ad31327909be0772be23ea31dba2bfaae009150e6b0b2d6c5e19a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.ncsc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
cache-control: no-store, must-revalidate, no-cache
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Nov 2022 03:01:16 GMT
expires: 0
pragma: no-cache
request-context: appId=cid-v1:384bd1e9-d5cd-4602-8610-6d580ed3e637
section-io-cache: Miss
section-io-id: 4614f885e45af9e7902fc2df838f052f
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish (Varnish/7.0), 1.1 fd4c476aa3616f643565cbbf3a891a78.cloudfront.net (CloudFront)
x-amz-cf-id: Epo3cFQu6anPxlVJcNwkeUpZ9-lYn8FYINF3L6ykavS9_8xVXRukiw==
x-amz-cf-pop: AMS50-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-varnish: 37796722
x-xss-protection: 1; mode=block

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 50ms
30ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://www.ncsc.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:15 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2533415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78460
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NrUieNWYaj4%2FBX5%2BqcVXnh1MkmZNcxcW0wngnquIspw1M9wvwAHnBgGSAw%2BI%2FxUbRTKZ%2F%2FSOi0WsrtRgS5fwYpEI%2FcuydOOZpQpvpTCJW%2BXWAKa7QnF8oYFShkclklg6iIUfstO2B7BhAGaQ66uKry1T"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 764a1aa26cdc695d-FRA
expires: Wed, 25 Oct 2023 03:01:15 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-3984542-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PBSXS86

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4168dbe1df778ac6916fb3764d221f389eb481d0e0d6f2d4da65b602ed09e463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:15 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 43551
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 04 Nov 2022 03:01:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 54ms
15ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-3984542-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.ncsc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 01:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6321
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 04 Nov 2022 03:15:54 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 55ms
22ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=911821852&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ncsc.org%2Fdonate&dr=https%3A%2F%2Flnks.gd%2F&ul=en-us&de=UTF-8&dt=Donate%20%7C%20NCSC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAACAAI~&jid=2031005044&gjid=190922376&cid=1192907847.1667530875&tid=UA-3984542-4&_gid=2133533396.1667530875&_r=1&gtm=2oub20&z=1372823549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ncsc.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 03:01:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ncsc.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notifications-client.global.min.js Show response
sky.blackbaudcdn.net/static/notifications-client/1.4.1/ Frame 373C 100 KB
30 KB 95ms
59ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/notifications-client/1.4.1/notifications-client.global.min.js

Requested by

Host: host.nxt.blackbaud.com
URL: https://host.nxt.blackbaud.com/donor-form?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&zone=usa&referral=https://lnks.gd/&bbeml=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

476d8423431fa6f56fe0fb5ca7be484361ccf188d82d6ea8fc33d8b8f6d52c98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 21:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7883219
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DA01200D79D863"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: mm6H_COmamI-rg4M2aggT84TbSMpcGl34pfEheNxjnP2k_qkRHWe2g==

GET
H2 200 auth-client.global.min.js Show response
sky.blackbaudcdn.net/static/auth-client/2.60.0/ Frame 373C 52 KB
12 KB 95ms
60ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/auth-client/2.60.0/auth-client.global.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

7264b6a9372974f597f014ce21e98a69dad98b8a2df0244ba1ebdfa84ba8a505

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 19:17:50 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 891806
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 26
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DAB5F4667A070C"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: OsdAqTcvTLbWL2QZlyiZo2pdEOZRZG0tBoeiBlLqwju24852oWs14w==

GET
H2 200 styles.af7be6fa99b83c66.css
sky.blackbaudcdn.net/skyuxapps/donor-form/ Frame 373C 63 KB
8 KB 52ms
17ms Stylesheet
text/css 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

6ec64b744bfeb3879c248eb46e75fe0c5f98171505d753470c7074799da533e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 15:09:58 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 6349878
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 24
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DA844F4D7AA60C"
vary: Accept-Encoding,Origin
content-type: text/css
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: nCHC7leAXw-wajqYc45AviiKTLAokCZbe9a3EJLQ8Eizw9IJli4fNQ==

GET
H2 200 bbCheckoutLoadJS.js Show response
payments.blackbaud.com/checkout/ Frame 373C 392 B
935 B 1220ms
136ms Script
application/javascript 209.160.102.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.blackbaud.com/checkout/bbCheckoutLoadJS.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

209.160.102.255 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

568d593e2630341a0404c505cdb3c5387db9bb4c0320fb0f7fc22ecf06a493b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://host.nxt.blackbaud.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:18 GMT
via: 1.1 varnish (Varnish/7.0)
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 29 Sep 2022 18:45:56 GMT
age: 0
etag: W/"9dfd9b633d4d81:0"
vary: Accept-Encoding
x-varnish: 1183188
access-control-allow-origin: *
content-type: application/javascript
cache-control: no-cache="set-cookie"
section-io-cache: Miss
section-io-id: 31baeb0f6902669a9c26274f199ad175

GET
H2 200 runtime.df6477d2a873e846.js Show response
sky.blackbaudcdn.net/skyuxapps/donor-form/ Frame 373C 3 KB
2 KB 53ms
18ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/donor-form/runtime.df6477d2a873e846.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

e76219c989065b2883c783617f9e8dd37409db7465cf2fcbdc4dbf1afbc3266b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 18:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 548820
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 32
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DAB908C9789232"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: ncTl0TbU0xKuax0OmWBMxfP7q99R_JcV8YgAUlTYfiQiQFFckCuLrg==

GET
H2 200 polyfills.6b7e6ca6ce5a5084.js Show response
sky.blackbaudcdn.net/skyuxapps/donor-form/ Frame 373C 60 KB
18 KB 92ms
58ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/donor-form/polyfills.6b7e6ca6ce5a5084.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

85ccec336c7c135f597543f5e5c99f90d7353ff06400ca126672b2de328127b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 18:57:10 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 9273846
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 30
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DA69B6B9229F9C"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: -xrnWn22NOYNOPKcrUQkSEZ2A_ELwXX4adPcJakbRkPSp5ZZIbmyuQ==

GET
H2 200 main.5e6cac3ec2ac7aaa.js Show response
sky.blackbaudcdn.net/skyuxapps/donor-form/ Frame 373C 3 MB
669 KB 54ms
20ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/donor-form/main.5e6cac3ec2ac7aaa.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

50ce3b18ad3cf202c2aecde6ea3d7dfdb99397bb7daa4b3fdb8241c149554389

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 16:58:30 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 208966
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 66
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DABC297FC54109"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: 7Xr6rjm1kvPjWm3kzpGp1xpx_ULlnEIxLCChdJU20r5WDxKgqcn2iw==

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ Frame 373C 30 KB
7 KB 55ms
21ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sky.blackbaudcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 617
age: 24427144
cdn-cachedat: 2021-06-08 14:35:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cdn-cache: HIT
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 55fb4fa8e5dd0a7f71d503394bffb28b
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 764a1aae5adc9211-FRA
cdn-requestpullsuccess: True

GET
H2 200 skyux-icons.min.css
sky.blackbaudcdn.net/static/skyux-icons/5.1.0/assets/css/ Frame 373C 6 KB
2 KB 17ms
16ms Stylesheet
text/css 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-icons/5.1.0/assets/css/skyux-icons.min.css

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

429eb355a880e205733174ed0273fe48591c3877cd92f45973ea400f45cdd59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 07:35:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7241168
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 57
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DA2D1B4D2C9A8B"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-id: 4MboMTC5tWT09lRJH9LiofPVZFK-2lyEuMnl_IKQv7UbEMuNpzV2RA==

GET
H3 200 css
fonts.googleapis.com/ Frame 373C 5 KB
751 B 25ms
24ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Roboto&display=swap

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

85b582d532a0b72db305f21b90c09aa6fb8615333fdafc21f7dad35c4770fd73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sky.blackbaudcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 03:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 01:09:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 03:01:17 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ Frame 373C 75 KB
76 KB 40ms
22ms Font
font/woff2 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 03:01:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 1763725
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: b50b00dfa0a7cab962d700774a599356
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 764a1ab679479c0d-FRA
cdn-requestpullsuccess: True

GET
H2 200 skyux-icons.woff2
sky.blackbaudcdn.net/static/skyux-icons/5.1.0/assets/font/ Frame 373C 22 KB
22 KB 17ms
17ms Font
application/octet-stream 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-icons/5.1.0/assets/font/skyux-icons.woff2?6707648

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/static/skyux-icons/5.1.0/assets/css/skyux-icons.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

3f3034fd02a235455da2d0f551a0888842822deaf4c6da1c6dcaad724a1db43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/static/skyux-icons/5.1.0/assets/css/skyux-icons.min.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 05 Aug 2022 08:09:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7843920
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 33
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DA2D1B4D4D3D21"
vary: Accept-Encoding,Origin
content-type: application/octet-stream
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: gkymYH8fXOD4M5W1RbFtLyIDEpqKZ9_T1Jr8hWyT2-9I5p2Y8YEPEA==

GET
H2 200 BLKBSans-Regular.woff
sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/ Frame 373C 32 KB
32 KB 17ms
17ms Font
application/x-font-woff 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/static/skyux-fonts/2.0.0/assets/BLKBSans-Regular.woff

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

08e1bc83b1500ff23f4393c9907ffcfad541ef2e342df772bc2a3445d7392b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://sky.blackbaudcdn.net/skyuxapps/donor-form/styles.af7be6fa99b83c66.css
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Mon, 05 Sep 2022 01:48:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 5188375
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 28
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8D91A0BEFD54A62"
vary: Accept-Encoding,Origin
content-type: application/x-font-woff
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: 0_P5HS4JN-wOghbXFLpVCvl0xUpEy9GR6ml4WZ9a-qPGydvqcEqZjA==

GET
H2 200 869.4d3843a728b802f3.js Show response
sky.blackbaudcdn.net/skyuxapps/donor-form/ Frame 373C 1011 B
1 KB 16ms
16ms Script
application/javascript 99.86.4.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sky.blackbaudcdn.net/skyuxapps/donor-form/869.4d3843a728b802f3.js

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/runtime.df6477d2a873e846.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.119 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-119.fra6.r.cloudfront.net

Software

istio-envoy /

Resource Hash

ab6dfa6b32cb7361b0e192b06c2abda77f380b8136d881304dd4ac3cc47c48c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://host.nxt.blackbaud.com/
Origin: https://host.nxt.blackbaud.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:34:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 822417
x-cache: Hit from cloudfront
x-envoy-upstream-service-time: 25
request-context: appId=cid-v1:97accf10-7710-4206-9726-3866ea91e9c5
server: istio-envoy
etag: "0x8DAB694A99FF860"
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: https://host.nxt.blackbaud.com
cache-control: public,max-age=31536000
x-amz-cf-id: ONrRMesunW0RkXV9Us5yuEulEKuI2zyEHLY2vndrUcZRtikSKv-eLQ==

OPTIONS 75c0ed1d-ccf2-463a-8356-60fdb6d69ace
fms-pusa01.app.blackbaud.net/txntr/formlayout/ Frame 0
0

OPTIONS environmentformconfiguration
fms-pusa01.app.blackbaud.net/txntr/ Frame 0
0

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame 373C 1 B
351 B 97ms
44ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1667530878501

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/polyfills.6b7e6ca6ce5a5084.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 04 Nov 2022 03:01:18 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 19
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame 373C 1 B
68 B 98ms
45ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1667530878501

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/polyfills.6b7e6ca6ce5a5084.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 04 Nov 2022 03:01:18 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 19
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame 373C 1 B
68 B 98ms
45ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1667530878502

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/polyfills.6b7e6ca6ce5a5084.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 04 Nov 2022 03:01:18 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 19
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/groups/ Frame 373C 1 B
72 B 98ms
46ms XHR
application/json 35.190.25.25
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/groups/?ip=1&_=1667530878502

Requested by

Host: sky.blackbaudcdn.net
URL: https://sky.blackbaudcdn.net/skyuxapps/donor-form/polyfills.6b7e6ca6ce5a5084.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.25.25 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

25.25.190.35.bc.googleusercontent.com

Software

envoy /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://host.nxt.blackbaud.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Fri, 04 Nov 2022 03:01:18 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://host.nxt.blackbaud.com
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 23
access-control-allow-headers: X-Requested-With
content-length: 1
alt-svc: clear

GET 75c0ed1d-ccf2-463a-8356-60fdb6d69ace
fms-pusa01.app.blackbaud.net/txntr/formlayout/ Frame 373C 0
0

GET environmentformconfiguration
fms-pusa01.app.blackbaud.net/txntr/ Frame 373C 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fms-pusa01.app.blackbaud.net
URL: https://fms-pusa01.app.blackbaud.net/txntr/formlayout/75c0ed1d-ccf2-463a-8356-60fdb6d69ace?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&referral=https%3A%2F%2Flnks.gd%2F

Domain: fms-pusa01.app.blackbaud.net
URL: https://fms-pusa01.app.blackbaud.net/txntr/environmentformconfiguration?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&referral=https%3A%2F%2Flnks.gd%2F

Domain: fms-pusa01.app.blackbaud.net
URL: https://fms-pusa01.app.blackbaud.net/txntr/formlayout/75c0ed1d-ccf2-463a-8356-60fdb6d69ace?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&referral=https%3A%2F%2Flnks.gd%2F

Domain: fms-pusa01.app.blackbaud.net
URL: https://fms-pusa01.app.blackbaud.net/txntr/environmentformconfiguration?svcid=renxt&formId=75c0ed1d-ccf2-463a-8356-60fdb6d69ace&envid=p-BYbuFyLW2kGOgLU88G1Pkg&referral=https%3A%2F%2Flnks.gd%2F

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ncsc.org/	1969-12-31 23:59:59	Name: SQ_SYSTEM_SESSION Value: 0584c3e31cd33133f4ed65f729145f45
.ncsc.org/	1970-01-20 16:48:10	Name: _ga Value: GA1.2.1192907847.1667530875
.ncsc.org/	1970-01-20 07:13:37	Name: _gid Value: GA1.2.2133533396.1667530875
.ncsc.org/	1970-01-20 07:12:10	Name: _gat_gtag_UA_3984542_4 Value: 1
payments.blackbaud.com/	1970-01-20 07:12:13	Name: AWSELBCORS Value: 5D1F03890C6DB96F050AC264193A46A6E39A1F31BEAEFEBF809B0FB374210AB9C1E86769F4E935125ED747525506DF406B93BA9734A65EE2A5FFD86D2C3ED15437B10ED4D5

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-js.mixpanel.com
cdnjs.cloudflare.com
fms-pusa01.app.blackbaud.net
fonts.googleapis.com
fonts.gstatic.com
host.nxt.blackbaud.com
lnks.gd
maxcdn.bootstrapcdn.com
ncsc.org
payments.blackbaud.com
sky.blackbaudcdn.net
www.dafdirect.org
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.ncsc.org
fms-pusa01.app.blackbaud.net
2.16.241.96
2001:18c8:17f:fc75::d186:90e5
203.82.24.114
209.160.102.255
2600:9000:2204:f000:2:68c1:1040:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:801::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::2004
2a00:1450:4001:829::200e
35.190.25.25
99.86.4.119
003292faf5ebfcb57d457a372ff5b7bed1115cf537b757752035bb53c7260c3a
052036b6d2b093261dc5c8ad785690b8fe0a348b61a82d0a52fad07105b0d0bf
08e1bc83b1500ff23f4393c9907ffcfad541ef2e342df772bc2a3445d7392b76
0aff3c44b652103cb97865aaac697bf34283a22548289b0ddd90474983705e01
0c5b68b3ae23054815d89c5a2230ad7edf2d4b68732b4463d6be74cacb974055
1f5fbc80f8357075eee802f11635517a2b69b558c6491c22f6d21ec19e851fee
26989bbcfdf80aa7e9ac57acb932d61d822705e6e2798fa310235c0f5f340406
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f535961e7f0a2e7086e25972085cbb91c0f9c9943d8aa5f85edb811ad505ae8
30d589e0a97ef282c17f4d22e17ebf87914ae1956572c144ccc4ae1f06a156d0
3192ad94588ad31327909be0772be23ea31dba2bfaae009150e6b0b2d6c5e19a
3879104bef6c7ce50bd2fd83c1ff197e367cf0c3110eec1ab4abe508381a5007
3e6802422b7f920f64fb0a6ebeff1e60c0eb7bb25a7edb770f2b92042e2f81bc
3f3034fd02a235455da2d0f551a0888842822deaf4c6da1c6dcaad724a1db43f
4168dbe1df778ac6916fb3764d221f389eb481d0e0d6f2d4da65b602ed09e463
429eb355a880e205733174ed0273fe48591c3877cd92f45973ea400f45cdd59b
456894e2899453bb50d8cdf099140d5bd50be74301e02b9c6d13c26ec42ff97d
476d8423431fa6f56fe0fb5ca7be484361ccf188d82d6ea8fc33d8b8f6d52c98
50ce3b18ad3cf202c2aecde6ea3d7dfdb99397bb7daa4b3fdb8241c149554389
568d593e2630341a0404c505cdb3c5387db9bb4c0320fb0f7fc22ecf06a493b9
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
6780ea9cde2e8bb180917f73745e6fb025d7f01ad17ccf61c837dc5d2cbe0b8e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ce2154afb36144dfb2ce5ef67d82597dec68bdb239a50045f8c8a3db4bb954d
6ec64b744bfeb3879c248eb46e75fe0c5f98171505d753470c7074799da533e6
71de49e8dc1c3155d4a440587d3983b65b812a27675a5f0c17bf40e66c6a3c87
7264b6a9372974f597f014ce21e98a69dad98b8a2df0244ba1ebdfa84ba8a505
76b2a103a4feac2ee3aa1bf11ce12032a38d8fa566fb95a39bcac61204811c5c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
80b00ccaed8b61dc4cfd4ba79c12a9a936631b2dbdd2c9bd5f8139621516f29b
85b582d532a0b72db305f21b90c09aa6fb8615333fdafc21f7dad35c4770fd73
85ccec336c7c135f597543f5e5c99f90d7353ff06400ca126672b2de328127b6
85d48652088563db78dc71901ec0bd17706ededa3c475ee8a1323a1fef7c2163
8850c59b00380af79a60472b2d9db31db1f9abe5bbb3b3771eabb12780653688
8d04616f0170fc7ef6650fd52f499bd60260c2cf2da0907c1dccee972984ab70
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9be1af390b156b5b09db0385f96f5450a92f955fb1e6132ef779d2273cf45cc9
a3528d6a5e22a6a2f0179b12e3a91ade131742d3f73f4fe30024b5396115b8ce
ab6dfa6b32cb7361b0e192b06c2abda77f380b8136d881304dd4ac3cc47c48c5
ac82aa097ea753b5bddcd4b7d18b8cfe3fe3ccad936c797be63100e04398e0f7
acc39238ce470f35443285594efdb5f3df912924d2818e5929f4df6a9eeadb31
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bca664416f93136ff22f898650b79c4f7525f3731a5473444e2bd5b445e83310
c0b431449981e3a2d878ca298bb1f3a9a27066564ba259de2f46a909b4385c5f
cc79948ec00621c51e9f70703439e0329481c10bc19bdf1eb533de4d52e37dc4
d090129339f10606292a643f5489c78bc7fab0206d94a2c3f034811a5f63e6e2
d654ae64d74ca7289b94b2fda7959acc07a45dd91e65a4516bef5f1d6194d521
dadaf24c58d70e92e6c831bccf59efa995f93a0fdbf427738f0c8138ae53bec6
e76219c989065b2883c783617f9e8dd37409db7465cf2fcbdc4dbf1afbc3266b
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
ed18ff9c76e54c9c04d0f9f3461d5b8b233a33598d7cbe3c32339e0ca9c18561

www.ncsc.org Open in urlscan Pro 203.82.24.114 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

94 %HTTPS

67 %IPv6

14 Domains

17 Subdomains

16 IPs

2 Countries

1731 kBTransfer

6120 kBSize

5 Cookies

11 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ncsc.org Open in urlscan Pro
203.82.24.114 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

94 %
HTTPS

67 %
IPv6

14
Domains

17
Subdomains

16
IPs

2
Countries

1731 kB
Transfer

6120 kB
Size

5
Cookies

62 HTTP transactions
0 data transactions