Submitted URL: https://lkbitz.com/Get-500GHS
Effective URL: https://john-mahama-fund.clnk.online/
Submission: On November 11 via manual from GH — Scanned from US

Summary

This website contacted 22 IPs in 3 countries across 19 domains to perform 32 HTTP transactions. The main IP is 64.20.37.26, located in United States and belongs to IS-AS-1, US. The main domain is john-mahama-fund.clnk.online.
TLS certificate: Issued by R11 on November 10th 2024. Valid for: 3 months.
This is the only time john-mahama-fund.clnk.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 64.20.37.26 19318 (IS-AS-1)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700:310... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 151.101.193.91 54113 (FASTLY)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.164.124.125 16509 (AMAZON-02)
1 2606:4700:310... 13335 (CLOUDFLAR...)
1 2 23.209.72.200 20940 (AKAMAI-ASN1)
1 2a04:4e42::649 54113 (FASTLY)
1 172.104.29.90 63949 (AKAMAI-LI...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 46.105.201.240 16276 (OVH)
1 149.56.240.128 16276 (OVH)
2 2600:141b:1c0... 20940 (AKAMAI-ASN1)
4 2600:141b:1c0... 20940 (AKAMAI-ASN1)
32 22
Apex Domain
Subdomains
Transfer
6 secureserver.net
events.api.secureserver.net — Cisco Umbrella Rank: 13177
csp.secureserver.net — Cisco Umbrella Rank: 13220
582 B
4 pages.dev
olului.pages.dev
pamdas.pages.dev
56 KB
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 12259
s4.histats.com — Cisco Umbrella Rank: 12449
5 KB
2 gstatic.com
fonts.gstatic.com
15 KB
2 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 10296
21 KB
2 supercounters.com
widget.supercounters.com — Cisco Umbrella Rank: 256380
service.supercounters.com — Cisco Umbrella Rank: 239502
2 KB
2 google.com
apis.google.com — Cisco Umbrella Rank: 123
82 KB
2 blogger.com
www.blogger.com — Cisco Umbrella Rank: 12461
850 B
2 clnk.online
john-mahama-fund.clnk.online
10 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 791
33 KB
1 istockphoto.com
media.istockphoto.com — Cisco Umbrella Rank: 16091
39 KB
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 1316
18 KB
1 johnmahama.org
johnmahama.org
795 KB
1 ftcdn.net
t4.ftcdn.net — Cisco Umbrella Rank: 23518
37 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10512
4 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
879 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 220
14 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113
7 KB
1 lkbitz.com
lkbitz.com
424 B
32 19
Domain Requested by
4 csp.secureserver.net img1.wsimg.com
3 olului.pages.dev john-mahama-fund.clnk.online
2 events.api.secureserver.net img1.wsimg.com
2 fonts.gstatic.com fonts.googleapis.com
2 img1.wsimg.com 1 redirects john-mahama-fund.clnk.online
2 apis.google.com john-mahama-fund.clnk.online
apis.google.com
2 www.blogger.com john-mahama-fund.clnk.online
apis.google.com
2 john-mahama-fund.clnk.online john-mahama-fund.clnk.online
1 s4.histats.com s10.histats.com
1 s10.histats.com john-mahama-fund.clnk.online
1 service.supercounters.com widget.supercounters.com
1 code.jquery.com john-mahama-fund.clnk.online
1 pamdas.pages.dev john-mahama-fund.clnk.online
1 media.istockphoto.com john-mahama-fund.clnk.online
1 pbs.twimg.com john-mahama-fund.clnk.online
1 johnmahama.org john-mahama-fund.clnk.online
1 widget.supercounters.com john-mahama-fund.clnk.online
1 t4.ftcdn.net john-mahama-fund.clnk.online
1 blogger.googleusercontent.com john-mahama-fund.clnk.online
1 fonts.googleapis.com john-mahama-fund.clnk.online
1 cdnjs.cloudflare.com john-mahama-fund.clnk.online
1 maxcdn.bootstrapcdn.com john-mahama-fund.clnk.online
1 lkbitz.com 1 redirects
32 23

This site contains links to these domains. Also see Links.

Domain
www.supercounters.com
upodaitie.net
Subject Issuer Validity Valid
www.john-mahama-fund.clnk.online
R11
2024-11-10 -
2025-02-08
3 months crt.sh
bootstrapcdn.com
WE1
2024-09-20 -
2024-12-19
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-09-28 -
2024-12-27
3 months crt.sh
olului.pages.dev
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.blogger.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.apis.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
upload.video.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.googleusercontent.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.ftcdn.net
R11
2024-11-06 -
2025-02-04
3 months crt.sh
supercounters.com
WE1
2024-10-05 -
2025-01-03
3 months crt.sh
johnmahama.org
WE1
2024-11-02 -
2025-01-31
3 months crt.sh
pbs.twimg.com
E5
2024-10-04 -
2025-01-02
3 months crt.sh
media.gettyimages.com
Amazon RSA 2048 M03
2024-01-11 -
2025-02-07
a year crt.sh
pamdas.pages.dev
WE1
2024-09-27 -
2024-12-26
3 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
*.supercounters.com
RapidSSL TLS RSA CA G1
2024-10-16 -
2025-11-16
a year crt.sh
*.gstatic.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
histats.com
R11
2024-10-30 -
2025-01-28
3 months crt.sh
*.api.secureserver.net
Starfield Secure Certificate Authority - G2
2024-07-15 -
2025-08-16
a year crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2
2024-10-17 -
2025-11-18
a year crt.sh

This page contains 2 frames:

Primary Page: https://john-mahama-fund.clnk.online/
Frame ID: C8D08F5FD82F552C29B8B9ABA3E5E5DF
Requests: 29 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=4312807017216132363&blogName=ads&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://ghana-500ghs-camp-funds.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://ghana-500ghs-camp-funds.blogspot.com/&vt=4282426271867752552&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.N4A9eqvTwsI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA%2Fm%3D__features__
Frame ID: 29B25735DBADB3A3402758E88810876F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

John Dramani Mahama 500GHS Campaign's Funds For Ghanians

Page URL History Show full URLs

  1. https://lkbitz.com/Get-500GHS HTTP 301
    https://john-mahama-fund.clnk.online/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
  • limonte-sweetalert2/([\d.]+)/sweetalert2(?:\.all)(?:\.min)\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

68 %
IPv6

19
Domains

23
Subdomains

22
IPs

3
Countries

1139 kB
Transfer

1626 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://lkbitz.com/Get-500GHS HTTP 301
    https://john-mahama-fund.clnk.online/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js HTTP 301
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
john-mahama-fund.clnk.online/
Redirect Chain
  • https://lkbitz.com/Get-500GHS
  • https://john-mahama-fund.clnk.online/
24 KB
10 KB
Document
General
Full URL
https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.20.37.26 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
webhosting2048.is.cc
Software
LiteSpeed /
Resource Hash
fa45b3fa5d1e796e4696ac63fdf0b8a8b3bfd56bbac172008628eafc70429214

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
9797
content-type
text/html
date
Mon, 11 Nov 2024 05:38:55 GMT
last-modified
Mon, 11 Nov 2024 00:09:25 GMT
server
LiteSpeed
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-store, no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 11 Nov 2024 05:38:55 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://john-mahama-fund.clnk.online
pragma
no-cache
server
LiteSpeed
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
508583
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 05:38:55 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/06/2024 01:22:44
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
925ce50056c053a76028b17f3f524940
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8e0bf059ab501a0f-EWR
access-control-allow-origin
*
cdn-edgestorageid
871
server
cloudflare
cdn-requestcountrycode
US
sweetalert2.all.min.js
cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/8.11.8/
64 KB
14 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/limonte-sweetalert2/8.11.8/sweetalert2.all.min.js
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d914b553a50d65d2d2d0173dcf6becbd5e322c86c934ac720389abc79ba8b2c9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"5eb03ed1-fe53"
age
476838
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uQ5wTozepCrKL2gifAc3uBul175NJgLBDi%2F5dfgg76JA7q2mqO5BYVVnz5cLZ7IX3HfmGUGpYSitUq9XMR%2FVIaLKgZxzJ3OZ0XhlCJFkSbKO4P7jkEkm2iiqGVPt7CdTGCl7Ev28L3njg9yXT2qF6ywK"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sat, 01 Nov 2025 05:38:55 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 04 May 2020 16:12:01 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e0bf059af4042cf-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
14170
server
cloudflare
app.css
olului.pages.dev/css/
33 B
740 B
Stylesheet
General
Full URL
https://olului.pages.dev/css/app.css?id=2fbe2d9a9a40ca9b2489
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"4165f7316a59fe16fefe55c4e7e24819"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QFmtW%2BY59IfDJUZb%2FkUHV1c22eZm95vntyxcYeECImGoUtZJ1GkRw%2FZDuQm4AVU9bcYmjsVxfSiseZrPZOnC%2BpA10S87WJfwX2PfCcMGQ9r9dON9jTd2A1AuHt18CF%2BPgkfisLlI2TYaOIjkwAQ9"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0bf059cd3342da-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
33
server-timing
cfL4;desc="?proto=QUIC&rtt=3214&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4269&recv_bytes=5606&delivery_rate=129210&cwnd=12000&unsent_bytes=0&cid=b4a3f77face908d2&ts=35&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
server
cloudflare
3334278262-classic.css
www.blogger.com/static/v1/v-css/navbar/
871 B
850 B
Stylesheet
General
Full URL
https://www.blogger.com/static/v1/v-css/navbar/3334278262-classic.css
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6e7616391f5c7649cd033b934318aa33a71e9ce24c341c0e62e438c14bd66c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
gzip
age
294833
report-to
{"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 19:45:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 19:45:02 GMT
last-modified
Thu, 07 Nov 2024 01:53:55 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="blogger-tech"
content-length
404
x-xss-protection
0
server
sffe
platform.js
apis.google.com/js/
63 KB
24 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fe442c392ba79a12acfdac7466b61109511238a1f5590263652c9aa6a1c8d37
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
gzip
etag
"9dee6abae30788e3"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 05:38:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24185
x-xss-protection
0
server
sffe
css2
fonts.googleapis.com/
2 KB
879 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fd0a80fb92bb60cf3c28a03ed20fcc0e9f3a77f470e06fd233b28feba1902c57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 05:38:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 11 Nov 2024 05:13:41 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
WhatsApp%20Image%202024-10-09%20at%2000.48.58.jpeg
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8tbuA5CyfOEg5rPeNC7mQm-E645CWpXz24wSYrUNqugAHl2sjt2Hccwr7lSY95NdflK0gqCoyILLfMH-9d6XGuvWHEQJKDjHkX0bhAXcmf_vJoYewFUFdZH8jtnFoFtenZw3k322XxQTtUK2e...
3 KB
4 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8tbuA5CyfOEg5rPeNC7mQm-E645CWpXz24wSYrUNqugAHl2sjt2Hccwr7lSY95NdflK0gqCoyILLfMH-9d6XGuvWHEQJKDjHkX0bhAXcmf_vJoYewFUFdZH8jtnFoFtenZw3k322XxQTtUK2eTYXg2u5K1YB8wJT38ABA_-VIXhlX0da0CwgJMzCsDaM/s600/WhatsApp%20Image%202024-10-09%20at%2000.48.58.jpeg
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
44382728c33def9f871f8c58ae97a0b8ee721d735fa826822b7a5fb01851e5aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"vd5a"
x-content-type-options
nosniff
expires
Tue, 12 Nov 2024 05:38:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3329
date
Mon, 11 Nov 2024 05:38:55 GMT
x-xss-protection
0
content-type
image/jpeg
vary
Origin
server
fife
content-disposition
inline;filename="WhatsApp Image 2024-10-09 at 00.48.58.jpeg"
360_F_679546375_wOJ0bePnLJGIKiF856rjes2GaqgptySl.jpg
t4.ftcdn.net/jpg/06/79/54/63/
36 KB
37 KB
Image
General
Full URL
https://t4.ftcdn.net/jpg/06/79/54/63/360_F_679546375_wOJ0bePnLJGIKiF856rjes2GaqgptySl.jpg
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0539cc2b77a5458751510492401d8e61e23aece4f10e861bdeb392cf92abbc58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
etag
"314bb2e3b543bffa1e087b6e7824d383"
age
700267
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
37107
date
Mon, 11 Nov 2024 05:38:55 GMT
last-modified
Fri, 17 Nov 2023 07:54:49 GMT
content-type
image/jpeg
x-served-by
cache-iad-kcgs7200083-IAD, cache-lga21928-LGA
x-cache-hits
30, 1
x-amz-server-side-encryption
AES256
online_t.js
widget.supercounters.com/ssl/
2 KB
1 KB
Script
General
Full URL
https://widget.supercounters.com/ssl/online_t.js
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3034::6815:4bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f56b0bd9e5cd22334b47cc1d10e2cf1ae6a2fd95c16ed5534e925f6dfae331ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cache-control
max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
HIT
etag
W/"6220ab96-6b4"
age
6673
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2X482AEUJZTQM7WwRyLO5Sq49dp7tKiDE5WC11pHb4gqOf6GCzQ8zj9jIqS%2FowBhqkaKUJjp8RG2fTIYo9r%2FynaUZe1l%2FNVF5fywwHBEmMY4SR%2Ftinsh%2B9hhy0AoIQ2XA1JFD2X8dZETA78uNlVZ16REhj4%2FG6s%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0bf059ee974258-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3304&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4213&recv_bytes=5531&delivery_rate=125371&cwnd=12000&unsent_bytes=0&cid=3e6c127ddd2debce&ts=22&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
application/javascript
last-modified
Thu, 03 Mar 2022 11:50:46 GMT
vary
Accept-Encoding
server
cloudflare
Trustworthy_2-b-768x_.png
johnmahama.org/photos/shares/HomeSlider/
794 KB
795 KB
Image
General
Full URL
https://johnmahama.org/photos/shares/HomeSlider/Trustworthy_2-b-768x_.png?token=1f57dc624fc777c49b85ae6094a7fb83
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:b99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f325faa972c65e9d2e0ed4098c5052fcbb30fbd8e170b3374f3a02931d2cc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

server
cloudflare
cache-control
public, max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
age
5184
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ahxd4R9E13i15fNwl7Mhl5LXnPd0ulcG5etYyus11SY4Rffo3ux1d8xodgA8ngaTUYDNjj3cKTkdkplPSR8867B%2Fq3qYWEnSqdoqp3FS3xvfaQJZWjV9VvkFt5crp98F7iWALb%2B7rVbEsyG6eg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0bf05a1fa34239-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3086&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4212&recv_bytes=4457&delivery_rate=192754&cwnd=12000&unsent_bytes=0&cid=866507e05562fa05&ts=42&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
image/png
last-modified
Mon, 11 Nov 2024 04:12:31 GMT
vary
Accept-Encoding
priority
u=2,i
checked.png
olului.pages.dev/img/landers/survey-pick-a-box/
1 KB
2 KB
Image
General
Full URL
https://olului.pages.dev/img/landers/survey-pick-a-box/checked.png
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"1feaeac0e76f9f4e62ef2d41cda680f4"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wiGFNPgfulAa1AnQ6QxzaNwH8vG40i%2BqQYj4nssAlU%2F9TH3lmT86umECSHpsQxrHd9Z7mB%2FBrHqAuNgRDALFjVn%2FoCIZaWS3tM%2FtzlIlCH%2FbVB5KI3%2FIQ9q4xdGhUniFLJUvHlIgdDbrzZO%2FvqKr"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0bf059ed5d42da-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1502
server-timing
cfL4;desc="?proto=QUIC&rtt=3157&sent=16&recv=14&lost=0&retrans=0&sent_bytes=5056&recv_bytes=6399&delivery_rate=38843&cwnd=12000&unsent_bytes=0&cid=b4a3f77face908d2&ts=60&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
image/png
vary
Accept-Encoding
server
cloudflare
spinner.gif
olului.pages.dev/img/landers/survey-pick-a-box/
2 KB
2 KB
Image
General
Full URL
https://olului.pages.dev/img/landers/survey-pick-a-box/spinner.gif
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2c35 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag
"95485cfaea908e95181b49a2638b74bf"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iwe0kDtleeDf%2F80TUVAz%2BpttteLJiv5ZzBYrNNWABNIai2dGw3ca1l60b%2FVd%2F%2BT5XNR9yOTeZ9DU%2BvOz5MyYBM7LwpT4rdX83WjclINI5wn2UmCbyPeRXhOHS%2B624hidRko9%2Fh7fGwOb8eUCfAic"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0bf059ed5f42da-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
1569
server-timing
cfL4;desc="?proto=QUIC&rtt=3157&sent=18&recv=14&lost=0&retrans=0&sent_bytes=7265&recv_bytes=6399&delivery_rate=38843&cwnd=12000&unsent_bytes=0&cid=b4a3f77face908d2&ts=60&x=1", cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare
-mR73O-B_400x400.jpg
pbs.twimg.com/profile_images/1320406561265770501/
17 KB
18 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/1320406561265770501/-mR73O-B_400x400.jpg
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c74937480b8e483794db5574619c0421a327af9134c3095c67c9a0a06f170268
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

x-transaction-id
1ad5a9bdb7baa589
access-control-expose-headers
Content-Length
x-connection-hash
7e8c6b3a5aa37abfe58f5c9492ad07bffb62a2f2374ae98760159e5310a159b1
cf-cache-status
HIT
age
163314
x-content-type-options
nosniff
expires
Mon, 18 Nov 2024 05:38:55 GMT
x-response-time
17
x-cache
HIT
date
Mon, 11 Nov 2024 05:38:55 GMT
x-tw-cdn
CF, CF
content-type
image/jpeg
last-modified
Sun, 25 Oct 2020 16:45:10 GMT
vary
Accept-Encoding
perf
7402827104
strict-transport-security
max-age=631138519
cache-control
public, max-age=604800
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
cf-ray
8e0bf05a18df4257-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
17609
server
cloudflare
ugandan-shillings-bills-isolated-on-white-background.jpg
media.istockphoto.com/id/508027476/photo/
38 KB
39 KB
Image
General
Full URL
https://media.istockphoto.com/id/508027476/photo/ugandan-shillings-bills-isolated-on-white-background.jpg?s=612x612&w=0&k=20&c=jrbG3F8rRvr2ZC6cQgx6LuCIrck9vLE6jltNbpC0-JY=
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-125.jfk50.r.cloudfront.net
Software
Kestrel /
Resource Hash
14368eed8206f3a744084bdd0f679edb6c0cad8ad139f047b46ba6841f39979a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

X-Amz-Cf-Pop
JFK50-P7
X-Amz-Cf-Id
q2aO-bvzu6kRz64kpCUZMDA6dxRW7bpG5nHXRIsHJ7qVo_rpU_osuw==
Cache-Control
public, max-age=7776000
Age
694649
Connection
keep-alive
Via
1.1 021c711549f5f4a7c98f2f921f46beba.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Cache
Hit from cloudfront
Content-Length
39113
Alt-Svc
h3=":443"; ma=86400
Date
Sun, 03 Nov 2024 04:41:26 GMT
Content-Type
image/jpeg
Last-Modified
Sun, 03 Nov 2024 04:41:26 GMT
Server
Kestrel
Content-Disposition
inline; filename=istockphoto-508027476-612x612.jpg
app.js
john-mahama-fund.clnk.online/js/
0
0
Script
General
Full URL
https://john-mahama-fund.clnk.online/js/app.js?id=d41d8cd98f00b204e980
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.20.37.26 , United States, ASN19318 (IS-AS-1, US),
Reverse DNS
webhosting2048.is.cc
Software
LiteSpeed /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-length
1251
pragma
no-cache
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
text/html
server
LiteSpeed
wow.js
pamdas.pages.dev/
148 KB
51 KB
Script
General
Full URL
https://pamdas.pages.dev/wow.js?id=17138759790b445ece6b
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:310c::ac42:2f27 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e89ba2525b9badd7d18be1b8137803f52f85b5d005ed4ea510104f122d535c6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
br
etag
W/"ccdd09a069362f7638b90de5777d6fb1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hW3U9DqoIN%2FDJCKlYSyVbeVXL4tY7pS3uLITkFyMFDHD1TGHgMwSCYmndRnT4BquxabK3A63WcAr50Mi4E6TZd8tihjY3q8hWHhWMbJu6XZSx7RiE92WXXPzKsV5PlMIZTFXIkaoT1zWg1ObL3Pm"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=3389&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4222&recv_bytes=4359&delivery_rate=252145&cwnd=12000&unsent_bytes=0&cid=60161507443ea06a&ts=45&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
application/javascript
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=0, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e0bf05a3905c341-EWR
access-control-allow-origin
*
server
cloudflare
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl.min.js
  • https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
105 KB
21 KB
Script
General
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Server
23.209.72.200 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-209-72-200.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
gzip
x-amz-meta-version
0.4.7
etag
"6a7950cc31489069917bf817b62b2bfe"
x-amz-version-id
4pexUB2ckSZgPfbjokD3loiC8DEV2lsi
expires
Mon, 11 Nov 2024 06:08:55 GMT
date
Mon, 11 Nov 2024 05:38:55 GMT
last-modified
Tue, 24 Sep 2024 20:55:06 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-id-2
hry1j8yA39MEE6pQNOKzNIpVP8mB9bo7AHrgcxvChGWrs9OWANfIkUkAEO7BC+W5WOggijz0838=
cache-control
max-age=1800
timing-allow-origin
*
x-amz-request-id
A6AQA947TRC4SJCB
accept-ranges
bytes
access-control-allow-origin
*
content-length
20968
x-amz-server-side-encryption
AES256

Redirect headers

expires
Tue, 11 Nov 2025 05:38:55 GMT
cache-control
max-age=31536000
location
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
content-length
0
access-control-allow-origin
*
date
Mon, 11 Nov 2024 05:38:55 GMT
timing-allow-origin
*
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
gzip
etag
W/"28feccc0-1762a"
age
1208117
x-cache
HIT
date
Mon, 11 Nov 2024 05:38:55 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
12203
x-served-by
cache-lga21946-LGA
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1731303536.698509,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
33202
server
nginx
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/
176 KB
58 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
679d4b6ca14337ff5c8fae42ef869a5466a71df816e8d304e7bcc7adb1400b4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

content-encoding
gzip
age
293178
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 20:12:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 20:12:37 GMT
last-modified
Thu, 10 Oct 2024 20:03:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
accept-ranges
bytes
access-control-allow-origin
*
content-length
59185
x-xss-protection
0
server
sffe
fc.php
service.supercounters.com/
61 B
306 B
Script
General
Full URL
https://service.supercounters.com/fc.php?id=1702148&w=1&v=1&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&url=https%3A%2F%2Fjohn-mahama-fund.clnk.online%2F&ref=&sw=1600&sh=1200&rand=23&label=&fcolor=ffffff
Requested by
Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_t.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
172.104.29.90 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
li1848-90.members.linode.com
Software
nginx/1.20.1 / PHP/7.4.13
Resource Hash
a496f376050a395cc8bf8a9c15d70ea4add1318402c1b9858069f038b8a49f00

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

Transfer-Encoding
chunked
Content-Encoding
gzip
Date
Mon, 11 Nov 2024 05:38:55 GMT
Content-Type
application/x-javascript
X-Powered-By
PHP/7.4.13
Server
nginx/1.20.1
Connection
keep-alive
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://john-mahama-fund.clnk.online
Referer
https://fonts.googleapis.com/

Response headers

age
479493
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 05 Nov 2025 16:27:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 05 Nov 2024 16:27:22 GMT
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7748
x-xss-protection
0
server
sffe
navbar.g
www.blogger.com/ Frame 29B2
0
0
Document
General
Full URL
https://www.blogger.com/navbar.g?targetBlogID=4312807017216132363&blogName=ads&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=BLUE&layoutType=CLASSIC&searchRoot=https://ghana-500ghs-camp-funds.blogspot.com/search&blogLocale=en&v=2&homepageUrl=https://ghana-500ghs-camp-funds.blogspot.com/&vt=4282426271867752552&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.en.N4A9eqvTwsI.O%2Fam%3DAACA%2Fd%3D1%2Frs%3DAHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.N4A9eqvTwsI.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/am=AACA/rs=AHpOoo_O6fwbR1aR8YHQkB3I0FTV0L0UIA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2009 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://john-mahama-fund.clnk.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
2158
content-security-policy
script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type
text/html; charset=UTF-8
date
Mon, 11 Nov 2024 05:38:55 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma
no-cache
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:wght@500;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://john-mahama-fund.clnk.online
Referer
https://fonts.googleapis.com/

Response headers

age
294296
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 07 Nov 2025 19:53:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 07 Nov 2024 19:53:59 GMT
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7816
x-xss-protection
0
server
sffe
js15_as.js
s10.histats.com/
11 KB
4 KB
Script
General
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: john-mahama-fund.clnk.online
URL: https://john-mahama-fund.clnk.online/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

x-request-id
649889110
content-encoding
br
etag
"-375139978"
x-cdn-pop
bhs
x-cacheable
Matched cache
accept-ranges
bytes
x-cdn-pop-ip
137.74.122.0/26
content-length
4364
date
Mon, 11 Nov 2024 05:38:20 GMT
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
content-type
text/javascript
0.php
s4.histats.com/stats/
53 B
187 B
Script
General
Full URL
https://s4.histats.com/stats/0.php?3313418&@f16&@g1&@h1&@i1&@j1731303535966&@k0&@l1&@mJohn%20Dramani%20Mahama%20500GHS%20Campaign%27s%20Funds%20For%20Ghanians&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:146844139&@b3:1731303536&@b4:js15_as.js&@b5:-600&@a-_0.2.1&@vhttps%3A%2F%2Fjohn-mahama-fund.clnk.online%2F%23&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.128 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534296.ip-149-56-240.net
Software
/
Resource Hash
5a124ada838efdbbca092dd18fe952bbb47ad6a159fd248f8a5e5e65f9b45762

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

Content-Length
53
Date
Mon, 11 Nov 2024 05:38:56 GMT
Content-Type
text/html;charset=UTF-8
Connection
close
event
events.api.secureserver.net/t/1/tl/
43 B
291 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=john-mahama-fund.clnk.online&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=e7707432-ca6c-469c-ab2f-43de09d2cd27&vtg=e7707432-ca6c-469c-ab2f-43de09d2cd27&dp=%2F&trace_id=ffd958e5510848139bc7d89db42f01af&cts=2024-11-11T05%3A38%3A55.871Z&hit_id=e0d0e17f-5d04-43ad-9522-f39c7dbdd771&ht=pageview&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl487034%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229979766%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=1812173216&z=909427688
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:325 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-robots-tag
noindex, nofollow
cache-control
private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://john-mahama-fund.clnk.online
content-length
43
x-xss-protection
1; mode=block
date
Mon, 11 Nov 2024 05:38:56 GMT
content-type
image/gif
x-frame-options
DENY
event
events.api.secureserver.net/t/1/tl/
43 B
291 B
Fetch
General
Full URL
https://events.api.secureserver.net/t/1/tl/event?dh=john-mahama-fund.clnk.online&dr=&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F130.0.0.0%20Safari%2F537.36&client_name=scc-c2&cv=0.4.7&vg=e7707432-ca6c-469c-ab2f-43de09d2cd27&vtg=e7707432-ca6c-469c-ab2f-43de09d2cd27&dp=%2F&trace_id=ffd958e5510848139bc7d89db42f01af&cts=2024-11-11T05%3A38%3A56.025Z&hit_id=4b34f87a-d1d0-4fa0-ad34-bd8be43268fa&ea=pageperf&ht=perf&eid=traffic.tcc.instrumentation.navigation.timing&trfd=%7B%22ap%22%3A%22cpsh-oh%22%2C%22server%22%3A%22p3plzcpnl487034%22%2C%22dcenter%22%3A%22p3%22%2C%22cp_id%22%3A%229979766%22%2C%22cp_cl%22%3A%228%22%7D&ap=cpsh-oh&vci=1812173216&z=623528443&tce=1731303535560&tcs=1731303535540&tdc=1731303536020&tdclee=1731303535913&tdcles=1731303535911&tdi=1731303535910&tdl=1731303535588&tdle=1731303535540&tdls=1731303535522&tfs=1731303535521&tns=1731303535467&trqs=1731303535560&tre=1731303535573&trps=1731303535570&tles=1731303536020&tlee=0&nt=navigate&nav_type=hard
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:16::17c4:325 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://john-mahama-fund.clnk.online/

Response headers

strict-transport-security
max-age=31536000 ; includeSubDomains
x-robots-tag
noindex, nofollow
cache-control
private
access-control-allow-credentials
true
x-content-type-options
nosniff
access-control-allow-origin
https://john-mahama-fund.clnk.online
content-length
43
x-xss-protection
1; mode=block
date
Mon, 11 Nov 2024 05:38:56 GMT
content-type
image/gif
x-frame-options
DENY
eventbus
csp.secureserver.net/ Frame
0
0
Preflight
General
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:2589::228b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://john-mahama-fund.clnk.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Mon, 11 Nov 2024 05:38:56 GMT
Expires
Mon, 11 Nov 2024 05:38:56 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
BETBnHCaIAMEQkQ=
x-amzn-requestid
727c9f5d-3c83-443e-a0ea-32fdfd384ec9
x-amzn-trace-id
Root=1-67319870-1fbf1019450d024a178a2c54
x-envoy-upstream-service-time
6
eventbus
csp.secureserver.net/
0
0
Fetch
General
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:2589::228b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization
api-key b18ef4f046435b64a469b32c3c1c20a3
Referer
https://john-mahama-fund.clnk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-amz-apigw-id
BETBnEmnIAMEJRQ=
x-envoy-upstream-service-time
89
Pragma
no-cache
x-amzn-trace-id
Root=1-67319870-70411d390d09cffd70deb583
Connection
keep-alive
x-amzn-requestid
ad36fa4f-29ff-4a64-9469-12aa8f8ff9b8
Expires
Mon, 11 Nov 2024 05:38:56 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 11 Nov 2024 05:38:56 GMT
Content-Type
application/json
eventbus
csp.secureserver.net/
0
0
Fetch
General
Full URL
https://csp.secureserver.net/eventbus
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:2589::228b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Authorization
api-key 8da2217409854bee82e12dc4ca0b39fb
Referer
https://john-mahama-fund.clnk.online/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-amz-apigw-id
BETBnEuUIAMEPAQ=
x-envoy-upstream-service-time
87
Pragma
no-cache
x-amzn-trace-id
Root=1-67319870-2c5c5ba9024721733af8d4a7
Connection
keep-alive
x-amzn-requestid
7ee82887-9daf-48e7-a551-913a242e68c6
Expires
Mon, 11 Nov 2024 05:38:56 GMT
Access-Control-Allow-Origin
*
Content-Length
0
Date
Mon, 11 Nov 2024 05:38:56 GMT
Content-Type
application/json
eventbus
csp.secureserver.net/ Frame
0
0
Preflight
General
Full URL
https://csp.secureserver.net/eventbus
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:141b:1c00:2589::228b Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type
Access-Control-Request-Method
POST
Origin
https://john-mahama-fund.clnk.online
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,authorization
Access-Control-Allow-Methods
OPTIONS,POST
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Content-Type
application/json
Date
Mon, 11 Nov 2024 05:38:56 GMT
Expires
Mon, 11 Nov 2024 05:38:56 GMT
Pragma
no-cache
Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
x-amz-apigw-id
BETBnEymoAMEBww=
x-amzn-requestid
08aea9e3-0670-45ca-bca4-9d173cedcb64
x-amzn-trace-id
Root=1-67319870-70749e3b58b5911c12fb0fc2
x-envoy-upstream-service-time
5

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal string| language function| setAttributeOnload object| gapi object| ___jsl function| sc_online_t function| sc_onlinetext function| ct_insert object| view object| _F_toggles object| osapi object| gadgets object| shindig object| iframer function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow function| go object| _trfd object| _tcclInternal object| _expDataLayer object| _signalsDataLayer object| scc-c2 function| $ function| jQuery string| text1 string| text2 string| text3 string| error string| cpa string| cpa1 string| saved string| share string| tiaoban object| date number| hour number| minute number| second string| mytime string| tb function| tipn object| _Hasync function| chfh function| chfh2 string| _HST_cntval object| Histats object| _HistatsCounterGraphics_0_setValues object| _trfq

12 Cookies

Domain/Path Name / Value
lkbitz.com/ Name: PHPSESSID
Value: 5a84129a608d44d2b004127ff30c38bc
lkbitz.com/ Name: short_1
Value: 1
.clnk.online/ Name: _tccl_visitor
Value: e7707432-ca6c-469c-ab2f-43de09d2cd27
.clnk.online/ Name: _tccl_visit
Value: e7707432-ca6c-469c-ab2f-43de09d2cd27
.clnk.online/ Name: _scc_session
Value: pc=1&C_TOUCH=2024-11-11T05:38:55.870Z
john-mahama-fund.clnk.online/ Name: HstCfa3313418
Value: 1731303535966
john-mahama-fund.clnk.online/ Name: HstCla3313418
Value: 1731303535966
john-mahama-fund.clnk.online/ Name: HstCmu3313418
Value: 1731303535966
john-mahama-fund.clnk.online/ Name: HstPn3313418
Value: 1
john-mahama-fund.clnk.online/ Name: HstPt3313418
Value: 1
john-mahama-fund.clnk.online/ Name: HstCnv3313418
Value: 1
john-mahama-fund.clnk.online/ Name: HstCns3313418
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://john-mahama-fund.clnk.online/js/app.js?id=d41d8cd98f00b204e980
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apis.google.com
blogger.googleusercontent.com
cdnjs.cloudflare.com
code.jquery.com
csp.secureserver.net
events.api.secureserver.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
john-mahama-fund.clnk.online
johnmahama.org
lkbitz.com
maxcdn.bootstrapcdn.com
media.istockphoto.com
olului.pages.dev
pamdas.pages.dev
pbs.twimg.com
s10.histats.com
s4.histats.com
service.supercounters.com
t4.ftcdn.net
widget.supercounters.com
www.blogger.com
149.56.240.128
151.101.193.91
172.104.29.90
18.164.124.125
23.209.72.200
2600:141b:1c00:16::17c4:325
2600:141b:1c00:2589::228b
2606:4700:3034::6815:4bd
2606:4700:3036::6815:b99
2606:4700:310c::ac42:2c35
2606:4700:310c::ac42:2f27
2606:4700::6811:180e
2606:4700::6812:9fb
2606:4700::6812:acf
2607:f8b0:4006:80b::2003
2607:f8b0:4006:80c::2001
2607:f8b0:4006:81d::200e
2607:f8b0:4006:81e::2009
2607:f8b0:4006:81e::200a
2a04:4e42::649
46.105.201.240
64.20.37.26
0539cc2b77a5458751510492401d8e61e23aece4f10e861bdeb392cf92abbc58
0fe442c392ba79a12acfdac7466b61109511238a1f5590263652c9aa6a1c8d37
13f325faa972c65e9d2e0ed4098c5052fcbb30fbd8e170b3374f3a02931d2cc9
14368eed8206f3a744084bdd0f679edb6c0cad8ad139f047b46ba6841f39979a
1b4dacb0dafda81d48ee0890ea113b3b8275bf2d16d5325f971f16eb75f7218a
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
44382728c33def9f871f8c58ae97a0b8ee721d735fa826822b7a5fb01851e5aa
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5a124ada838efdbbca092dd18fe952bbb47ad6a159fd248f8a5e5e65f9b45762
679d4b6ca14337ff5c8fae42ef869a5466a71df816e8d304e7bcc7adb1400b4c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9e89ba2525b9badd7d18be1b8137803f52f85b5d005ed4ea510104f122d535c6
a496f376050a395cc8bf8a9c15d70ea4add1318402c1b9858069f038b8a49f00
a6e7616391f5c7649cd033b934318aa33a71e9ce24c341c0e62e438c14bd66c5
ab834bfb8eeb43e3703eabad89e11a0cd906155d6cea60205cd69e443cc9adcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b83e8830b6b2f1253a78f90191cf1087e8fd7638831fd4c1376a7a6029297240
c74937480b8e483794db5574619c0421a327af9134c3095c67c9a0a06f170268
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d08886e8a724d490ec4f86229c38a1856ef782d7e56d80f6dd042a76da6dec2e
d914b553a50d65d2d2d0173dcf6becbd5e322c86c934ac720389abc79ba8b2c9
f56b0bd9e5cd22334b47cc1d10e2cf1ae6a2fd95c16ed5534e925f6dfae331ed
fa45b3fa5d1e796e4696ac63fdf0b8a8b3bfd56bbac172008628eafc70429214
fd0a80fb92bb60cf3c28a03ed20fcc0e9f3a77f470e06fd233b28feba1902c57