login.fundsforngospremium.com Open in urlscan Pro
2606:4700:10::6816:fe6 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://login.fundsforngospremium.com/
Submission: On July 20 via automatic, source certstream-suspicious (July 20th 2021, 10:04:02 am UTC)

Summary HTTP 57 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 57 HTTP transactions. The main IP is 2606:4700:10::6816:fe6, located in United States and belongs to CLOUDFLARENET, US. The main domain is login.fundsforngospremium.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 5th 2021. Valid for: a year.

This is the only time login.fundsforngospremium.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2606:4700:10:... 2606:4700:10::6816:fe6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
10	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::6815:51ef	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.145.77 13.226.145.77	16509 (AMAZON-02) (AMAZON-02)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	13.226.145.55 13.226.145.55	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2014	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1	13.226.145.103 13.226.145.103	16509 (AMAZON-02) (AMAZON-02)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	12

34 2606:4700:10::6816:fe6 (United States)

ASN13335 (CLOUDFLARENET, US)

login.fundsforngospremium.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::6815:51ef (United States)

ASN13335 (CLOUDFLARENET, US)

static.notifia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-77.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-55.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2014 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geotargetly-1a441.appspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

geo-targetly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-103.dus51.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (United States)

ASN13335 (CLOUDFLARENET, US)

fundsforngos.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	fundsforngospremium.com login.fundsforngospremium.com	253 KB
11	zdassets.com static.zdassets.com ekr.zdassets.com	393 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	gstatic.com fonts.gstatic.com	44 KB
2	zendesk.com fundsforngos.zendesk.com	2 KB
1	geo-targetly.com geo-targetly.com	179 B
1	appspot.com geotargetly-1a441.appspot.com	337 B
1	notifia.io static.notifia.io	26 KB
1	googleapis.com fonts.googleapis.com	1 KB
57	9

	Domain	Requested by
34	login.fundsforngospremium.com	login.fundsforngospremium.com
10	static.zdassets.com	login.fundsforngospremium.com static.zdassets.com
3	fonts.gstatic.com	fonts.googleapis.com
2	fundsforngos.zendesk.com	static.zdassets.com
1	vars.hotjar.com	static.hotjar.com
1	geo-targetly.com	login.fundsforngospremium.com
1	geotargetly-1a441.appspot.com	login.fundsforngospremium.com
1	script.hotjar.com	static.hotjar.com
1	ekr.zdassets.com	static.zdassets.com
1	static.hotjar.com	login.fundsforngospremium.com
1	static.notifia.io	login.fundsforngospremium.com
1	fonts.googleapis.com	login.fundsforngospremium.com
57	12

This site contains links to these domains. Also see Links.

Domain
home.fundsforngospremium.com
www2.fundsforngospremium.com
www.facebook.com
twitter.com
www.quora.com
www.instagram.com
www.youtube.com
support.fundsforngos.org
fundsforngospremium.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-05` - `2022-03-04`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
ssl1036557.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2021-07-08` - `2022-07-07`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.appspot.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
geo-targetly.com GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
fundsforngos.zendesk.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://login.fundsforngospremium.com/
Frame ID: D8B06C8EEB124AF2ABA44727C47111B3
Requests: 46 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js
Frame ID: BC5CBDD1FB02F3C3F25F4617552C4AF0
Requests: 10 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: F414F517FF7980DE64E73C46DC07708F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

IIS (Web Servers) Expand

Overall confidence: 50%
Detected patterns

html /<input[^>]+name="__VIEWSTATE/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

57
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

782 kB
Transfer

2484 kB
Size

4
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://home.fundsforngospremium.com/about-us/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www2.fundsforngospremium.com/contact
Title: Contact Us

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fundsforngos
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/fundsforngos
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.quora.com/profile/fundsforNGOs-2
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fundsforngos/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fundsforngos
Title: Youtube

Search URL Search Domain Scan URL

URL: https://home.fundsforngospremium.com/
Title:

Search URL Search Domain Scan URL

URL: https://home.fundsforngospremium.com/pricing/
Title: PRICING

Search URL Search Domain Scan URL

URL: https://support.fundsforngos.org/hc/en-us/articles/360038959633-Why-I-cannot-sign-in-
Title: Why I cannot sign in?

Search URL Search Domain Scan URL

URL: https://fundsforngospremium.com/PlanListnerWeb.ashx?PlanCode=9999STRFULL
Title: Not a Premium Member? Sign up here!

Search URL Search Domain Scan URL

URL: https://home.fundsforngospremium.com/terms/
Title: Privacy Policy, Refund & Cancellation Policy, Purchase Policy

Search URL Search Domain Scan URL

URL: http://www2.fundsforngospremium.com/support
Title: Support

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
login.fundsforngospremium.com/ 18 KB
6 KB 641ms
615ms Document
text/html 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5f597583f3f3781adce860cd618485b524c79b5e34a68f99718379098b2bb677

Request headers

:method: GET
:authority: login.fundsforngospremium.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil; path=/; HttpOnly; SameSite=Lax
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 671b5c606dd4d6dd-FRA
content-encoding: br

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 38ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800|Shadows+Into+Light

Requested by

Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a09e10f9743e3df4276f9a05036d72d15cc806e249e1b7e7fa8737862a81d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 09:26:49 GMT
server: ESF
date: Tue, 20 Jul 2021 10:03:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 10:03:39 GMT

GET
H2 200 bootstrap.css
login.fundsforngospremium.com/css/ 88 KB
16 KB 41ms
37ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/bootstrap.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c424a8899846443ad33cd4d5f3b8c490f4925a2dc25ebc5617a9f5473b66f420

Request headers

:path: /css/bootstrap.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 1509178
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:23 GMT
server: cloudflare
etag: W/"164b8eb339cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=91098
cf-ray: 671b5c644be7d6dd-FRA
cf-bgj: minify

GET
H2 200 font-awesome.css
login.fundsforngospremium.com/css/fonts/font-awesome/css/ 18 KB
4 KB 34ms
29ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/fonts/font-awesome/css/font-awesome.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7caa2c06cbcd21c051487ec84370bf55b7ff56763577c77225bd7a2424bdce0c

Request headers

:path: /css/fonts/font-awesome/css/font-awesome.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 5697771
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:45 GMT
server: cloudflare
etag: W/"908d67c039cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=22530
cf-ray: 671b5c644be9d6dd-FRA
cf-bgj: minify

GET
H2 200 font-awesome.min.css
login.fundsforngospremium.com/css/fonts/font-awesome/css/ 17 KB
4 KB 35ms
31ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/fonts/font-awesome/css/font-awesome.min.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8

Request headers

:path: /css/fonts/font-awesome/css/font-awesome.min.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2018 08:56:46 GMT
server: cloudflare
age: 7613212
x-powered-by: ASP.NET
etag: W/"d19121c139cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-ray: 671b5c644becd6dd-FRA

GET
H2 200 owl.carousel.css
login.fundsforngospremium.com/vendor/owl-carousel/ 1 KB
475 B 33ms
28ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/vendor/owl-carousel/owl.carousel.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762

Request headers

:path: /vendor/owl-carousel/owl.carousel.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613213
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:20:07 GMT
server: cloudflare
etag: W/"a6ee1a73859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=1476
cf-ray: 671b5c644bf1d6dd-FRA
cf-bgj: minify

GET
H2 200 owl.theme.css
login.fundsforngospremium.com/vendor/owl-carousel/ 1 KB
529 B 20ms
15ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/vendor/owl-carousel/owl.theme.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 412752ed1c97f0aef8acf02f8ced68186ecdf81b8182f11c981b1e3436748c52

Request headers

:path: /vendor/owl-carousel/owl.theme.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613213
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:20:08 GMT
server: cloudflare
etag: W/"c19dea73859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=1665
cf-ray: 671b5c644bf2d6dd-FRA
cf-bgj: minify

GET
H2 200 magnific-popup.css
login.fundsforngospremium.com/vendor/magnific-popup/ 6 KB
2 KB 39ms
35ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/vendor/magnific-popup/magnific-popup.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1bb8de3b3ae70e3ce2854c5a40b1d0899e4a005b7d3d5b67d552a3af69772737

Request headers

:path: /vendor/magnific-popup/magnific-popup.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613213
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:19:30 GMT
server: cloudflare
etag: W/"f13005d859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=7467
cf-ray: 671b5c644bf3d6dd-FRA
cf-bgj: minify

GET
H2 200 theme.css
login.fundsforngospremium.com/css/ 29 KB
6 KB 35ms
31ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/theme.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 02966eeb5dfde80f28dc9c7f39eadfa8fc88ec6b76aeea954ba87ee04d8109d1

Request headers

:path: /css/theme.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 08 May 2019 06:47:18 GMT
server: cloudflare
etag: W/"7981fce0695d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=37315
cf-ray: 671b5c644bf4d6dd-FRA
cf-bgj: minify

GET
H2 200 theme-elements.css
login.fundsforngospremium.com/css/ 37 KB
8 KB 34ms
30ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/theme-elements.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 790b236022be5a732fc16876483d2c76cf564a6e35da0c636bcf5c54ffec96d6

Request headers

:path: /css/theme-elements.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:31 GMT
server: cloudflare
etag: W/"be566db839cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=48001
cf-ray: 671b5c644bf5d6dd-FRA
cf-bgj: minify

GET
H2 200 theme-animate.css
login.fundsforngospremium.com/css/ 22 KB
3 KB 33ms
29ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/theme-animate.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4d01a5693cfe33ad90a1cc834e13686f938684d3e5fc9d827c8701ded41e1f16

Request headers

:path: /css/theme-animate.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:29 GMT
server: cloudflare
etag: W/"6a241db739cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=29871
cf-ray: 671b5c644bf8d6dd-FRA
cf-bgj: minify

GET
H2 200 theme-shop.css
login.fundsforngospremium.com/css/ 13 KB
2 KB 37ms
33ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/theme-shop.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 33a3064d0209c225219c12029eaf71e1b0949f23512d9a25f630d16ff0fb8f7c

Request headers

:path: /css/theme-shop.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:33 GMT
server: cloudflare
etag: W/"38cf5bb939cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=16049
cf-ray: 671b5c644bfad6dd-FRA
cf-bgj: minify

GET
H2 200 blue.css
login.fundsforngospremium.com/css/skins/ 5 KB
1 KB 37ms
34ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/skins/blue.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9e438f02e5b74b44471f238b9cea28eb3c3466ac47bc1864f93d88a3ccf4b65e

Request headers

:path: /css/skins/blue.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:41 GMT
server: cloudflare
etag: W/"e39a4be39cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=6298
cf-ray: 671b5c644bfbd6dd-FRA
cf-bgj: minify

GET
H2 200 custom.css
login.fundsforngospremium.com/css/ 1 KB
562 B 37ms
34ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/custom.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4094b87cef5a9a1e4e6fcbed73e7516caaddcb61780afe636a82285abd1a111a

Request headers

:path: /css/custom.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613213
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 02 Feb 2018 08:56:22 GMT
server: cloudflare
etag: W/"4ebf0b239cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=1643
cf-ray: 671b5c644bfcd6dd-FRA
cf-bgj: minify

GET
H2 200 ffn-loader.css
login.fundsforngospremium.com/css/mycss/ 1 KB
543 B 36ms
33ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/mycss/ffn-loader.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 42ef0bf401db68702e230dec3b3f94e761875118cfaf80bed2a7ea706712d0ac

Request headers

:path: /css/mycss/ffn-loader.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Mon, 08 Apr 2019 12:04:52 GMT
server: cloudflare
etag: W/"40e3f7453eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=2140
cf-ray: 671b5c644bfed6dd-FRA
cf-bgj: minify

GET
H2 200 theme-responsive.css
login.fundsforngospremium.com/css/ 9 KB
2 KB 34ms
31ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/theme-responsive.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 09ad1979d8a704171ed7ed4b471c81c878e60fda7bffb996b1b47c23cc8e6d5d

Request headers

:path: /css/theme-responsive.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 22 May 2019 06:36:08 GMT
server: cloudflare
etag: W/"7cbaa5a36810d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=12328
cf-ray: 671b5c644bffd6dd-FRA
cf-bgj: minify

GET
H2 200 sweetalert.css
login.fundsforngospremium.com/css/ 13 KB
3 KB 30ms
27ms Stylesheet
text/css 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/sweetalert.css
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f9b86ec0dc87f9bac46d54793f3871c7a54f547d756c36813b0e058d95b5193d

Request headers

:path: /css/sweetalert.css
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 24 May 2019 04:45:24 GMT
server: cloudflare
etag: W/"12945b80eb11d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=7776000
cf-polished: origSize=19306
cf-ray: 671b5c644c00d6dd-FRA
cf-bgj: minify

GET
H2 200 modernizr.js Show response
login.fundsforngospremium.com/vendor/ 9 KB
4 KB 34ms
32ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/vendor/modernizr.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b21c73b12d05294d22b53430e527000d38361b509375b6cdf7dc23c2ebd3a4ba

Request headers

:path: /vendor/modernizr.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:19:19 GMT
server: cloudflare
etag: W/"46866c56859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=9466
cf-ray: 671b5c645c02d6dd-FRA
cf-bgj: minify

GET
H2 200 jquery-3.js Show response
login.fundsforngospremium.com/Scripts/ 82 KB
30 KB 38ms
35ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/Scripts/jquery-3.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 764c350ccd8d0911436e77f23fbf24246319f25992410fbd1a55545780386bde

Request headers

:path: /Scripts/jquery-3.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 1509178
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:18:37 GMT
server: cloudflare
etag: W/"845323d859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=101754
cf-ray: 671b5c645c05d6dd-FRA
cf-bgj: minify

GET
H2 200 sweetalert.min.js Show response
login.fundsforngospremium.com/js/ 18 KB
6 KB 37ms
35ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/sweetalert.min.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9cd9c2d5dc590284c1c7c3edf64589f6e50236729ad206bb807fad4f13567960

Request headers

:path: /js/sweetalert.min.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 31 Jan 2018 11:18:22 GMT
server: cloudflare
age: 7613212
x-powered-by: ASP.NET
etag: W/"6f604a34859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-ray: 671b5c645c07d6dd-FRA

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 20 KB
6 KB 72ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Requested by

Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 18
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 41XSE2J3V8M84WRK
x-amz-id-2: mjnFmpTmryioOwtoUy6X/3bjj2OXZqYQ3/gTV7btZHflHGDtY8RMj30iwxO+R+wcHiFLb+AC6UU=
last-modified: Wed, 09 Jun 2021 00:08:59 GMT
server: cloudflare
etag: W/"cc904f41324148b571599b3b02fdec0b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=heTJErzC%2BZSm%2FtvXckyJvRvXvZXtgMkshrbDk3TePZfFDLcLT%2BQraotKYtnjpUc%2Bl3oXtJBRt8xg1cv6yFb51d0GGbXEX21Xnc6kuyPRMuPwxf0lCWVgooNYcsNQ8VE8jTS3YCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: VFukQxfz8SFs4LT0u8yzm_CAm2zq09sT
cf-ray: 671b5c64996e32b8-CDG

GET
H2 200 WebResource.axd Show response
login.fundsforngospremium.com/ 23 KB
5 KB 607ms
605ms Script
application/x-javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZHpAaQlijcSghOefMkQQQudKc1rIyieTYS8sTXunY7vY0JmVhQ2&t=637453889640000000
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

:path: /WebResource.axd?d=pynGkmcFUV13He1Qd6_TZHpAaQlijcSghOefMkQQQudKc1rIyieTYS8sTXunY7vY0JmVhQ2&t=637453889640000000
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Jan 2021 01:29:24 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 671b5c645c09d6dd-FRA
expires: Wed, 20 Jul 2022 10:02:17 GMT

GET
H2 200 WebResource.axd Show response
login.fundsforngospremium.com/ 3 KB
937 B 492ms
490ms Script
application/x-javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/WebResource.axd?d=JoBkLzP19aTuxbWOhHobYhsZ4vUFP7JXDoPVukgQDseSpb-jAxEZqscW_j6367FWRDFR4g2&t=637453889640000000
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf

Request headers

:path: /WebResource.axd?d=JoBkLzP19aTuxbWOhHobYhsZ4vUFP7JXDoPVukgQDseSpb-jAxEZqscW_j6367FWRDFR4g2&t=637453889640000000
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 05 Jan 2021 01:29:24 GMT
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 671b5c645c0bd6dd-FRA
expires: Wed, 20 Jul 2022 10:02:16 GMT

GET
H2 200 quora.png
login.fundsforngospremium.com/images/ 1 KB
1 KB 19ms
17ms Image
image/png 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.fundsforngospremium.com/images/quora.png
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3e6fa40a3de224420a3b06bb989d4ab052a7ac6db71fc8b15e9d2a371a3cbcb2

Request headers

:path: /images/quora.png
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
cf-cache-status: HIT
age: 7613211
x-powered-by: ASP.NET
content-length: 1177
x-powered-by-plesk: PleskWin
last-modified: Tue, 19 Mar 2019 11:00:42 GMT
server: cloudflare
etag: "6faca4fe42ded41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-polished: origSize=1811
accept-ranges: bytes
cf-ray: 671b5c64ccb7d6dd-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 logo.png
login.fundsforngospremium.com/img/ 8 KB
9 KB 15ms
14ms Image
image/png 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.fundsforngospremium.com/img/logo.png
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d01ea2db29ba80e1af6dd1c8694644dc8bda67b664e5e3e93e797cd97ff03612

Request headers

:path: /img/logo.png
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
cf-cache-status: HIT
age: 94226
x-powered-by: ASP.NET
content-length: 8652
x-powered-by-plesk: PleskWin
last-modified: Wed, 20 Mar 2019 07:12:15 GMT
server: cloudflare
etag: "c9c263fecded41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-polished: origSize=12258
accept-ranges: bytes
cf-ray: 671b5c64ccb9d6dd-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ 14 KB
15 KB 26ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800|Shadows+Into+Light

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.fundsforngospremium.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options: nosniff
age: 56249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:19 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 19 Jul 2022 18:26:10 GMT

GET
H2 200 widget.js Show response
static.notifia.io/ 88 KB
26 KB 57ms
20ms Script
application/javascript 2606:4700:3032::6815:51ef
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.notifia.io/widget.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::6815:51ef , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f5be0f673361697b255e5ca6d2b3a85eb40e480af3faa8c30174d2d02a50300

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sat, 13 Mar 2021 05:26:41 GMT
server: cloudflare
etag: W/"604c4d11-15ee9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diY9wYrAHYYO%2B4caH7MgqLGHVkK%2FFZfYOp%2FQb7Ryv4M3HN64EM%2FpAfUpHYYEXXnZ%2FuQn3Y8HFQVPcXKsG%2F3ntq%2FxdS8z680yPbi1CvSU7gRC0P7%2F3jxtMWYFdNx%2FZvX8nyxBfD8FKmhAt8pJHamNmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 671b5c650bd5c2e0-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

GET
H2 200 hotjar-2012270.js Show response
static.hotjar.com/c/ 5 KB
2 KB 107ms
38ms Script
application/javascript 13.226.145.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2012270.js?sv=6

Requested by

Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.77 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-77.dus51.r.cloudfront.net

Software

Resource Hash

d431115b4453bc65ca9bfbfe71d104b51d93f59f338f4d3d14931e5c5173fdfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:06 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
age: 33
etag: W/1395b36c245a05bcab9cae401d752f61
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: iUK4ClZ-SSW3rvhpqN8JU5BrEESHikpHzF9loqAsisVqyCqeg4Gtmw==
via: 1.1 f6bd96409cae11d77ed75457d756ef80.cloudfront.net (CloudFront)

GET
H2 200 logo-icon.png
login.fundsforngospremium.com/images/ 5 KB
5 KB 18ms
18ms Image
image/png 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.fundsforngospremium.com/images/logo-icon.png
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/css/mycss/ffn-loader.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fc487e64c8c8a9c4962f61b0fbe2601a14be606089f62b41e0820e42153a2091

Request headers

:path: /images/logo-icon.png
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/css/mycss/ffn-loader.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/css/mycss/ffn-loader.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
cf-cache-status: HIT
age: 1509177
x-powered-by: ASP.NET
content-length: 5257
x-powered-by-plesk: PleskWin
last-modified: Mon, 08 Apr 2019 12:05:00 GMT
server: cloudflare
etag: "bae9664a3eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-polished: origSize=12073
accept-ranges: bytes
cf-ray: 671b5c64ccbad6dd-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 f2199f63-1092-48a5-9ae0-0f4e4ab2a41b Show response
ekr.zdassets.com/compose/ 636 B
1 KB 239ms
195ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e468c6f40f428fa6610c158b24412b688f68f83602da492300f97dace461cdae

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: REVALIDATED
nel: {"report_to":"cf-nel","max_age":604800}
status: 200 OK
access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=0
x-request-id: fe2d9482-db11-4a3f-9dd9-29483b61b5d3
x-runtime: 0.002231
server: cloudflare
etag: W/"e468c6f40f428fa6610c158b24412b68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WNcLynxHiJkLVN1jPIjRsLJI%2FePa4Uxr1ChMdoVf4CCL%2Fd4zCZqbSb9JmXzd4zJiu63VM1KepqPhaKKQZIkvve8Oh86iihaab1ZYu%2FuRkTSlvbUJvdVWeBAsu7LMgUQAf5A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 671b5c6519c73328-CDG

GET
H2 200 geoTargetly.js Show response
login.fundsforngospremium.com/js/myjs/ 3 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/myjs/geoTargetly.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1eea651ad3c25c836a02f4ab84ad41e9a168c0cf09801d303e6822b83891789c

Request headers

:path: /js/myjs/geoTargetly.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Mon, 03 Jun 2019 07:45:04 GMT
server: cloudflare
etag: W/"7834d741e019d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=4428
cf-ray: 671b5c64fcf2d6dd-FRA
cf-bgj: minify

GET
H2 200 visitorslogin.js Show response
login.fundsforngospremium.com/js/myjs/ 1 KB
543 B 16ms
15ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/myjs/visitorslogin.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2d2416606117351dda49277b74c02c6f1dee29527cc944d593ac25d19ac5e763

Request headers

:path: /js/myjs/visitorslogin.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613211
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Fri, 24 May 2019 04:53:33 GMT
server: cloudflare
etag: W/"9ab2b2a3ec11d51:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=2421
cf-ray: 671b5c64fcf3d6dd-FRA
cf-bgj: minify

GET
H2 200 bootstrap.js Show response
login.fundsforngospremium.com/vendor/ 28 KB
8 KB 17ms
16ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/vendor/bootstrap.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fada2e501e3e451893de2b97bb6bb9662376cf0cd69017622b6909532560cbfe

Request headers

:path: /vendor/bootstrap.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613211
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:19:11 GMT
server: cloudflare
etag: W/"7a31b151859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=29165
cf-ray: 671b5c64fcf6d6dd-FRA
cf-bgj: minify

GET
H2 200 plugins.js Show response
login.fundsforngospremium.com/js/ 14 KB
5 KB 15ms
13ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/plugins.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1141ffcaccd84720cabcc0786083a9ed74803da3a7a35dee016c8b53486e1820

Request headers

:path: /js/plugins.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 1509178
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:18:21 GMT
server: cloudflare
etag: W/"6ef4ac33859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=28135
cf-ray: 671b5c64fcf7d6dd-FRA
cf-bgj: minify

GET
H2 200 compressed.js Show response
login.fundsforngospremium.com/vendor/ 189 KB
62 KB 25ms
24ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/vendor/compressed.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: be4f5b6de2f17ff34c98a016f54455b116f17dcd0d0dbe9d3e3e36dfc6856fec

Request headers

:path: /vendor/compressed.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 27 Feb 2019 07:48:22 GMT
server: cloudflare
age: 7613211
x-powered-by: ASP.NET
etag: W/"edc92cd070ced41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-ray: 671b5c64fcf9d6dd-FRA
cf-bgj: minify

GET
H2 200 theme.js Show response
login.fundsforngospremium.com/js/ 16 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/theme.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1249024baf0e2f454012015a71703f05326afda42d7672317e2e594b8cf28597

Request headers

:path: /js/theme.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613211
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:18:23 GMT
server: cloudflare
etag: W/"43a2f35859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=23841
cf-ray: 671b5c64fcfad6dd-FRA
cf-bgj: minify

GET
H2 200 custom.js Show response
login.fundsforngospremium.com/js/ 0
214 B 15ms
14ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/custom.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /js/custom.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
cf-cache-status: HIT
age: 1509178
x-powered-by: ASP.NET
content-length: 0
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:18:19 GMT
server: cloudflare
etag: "1cbb7b32859ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=41
accept-ranges: bytes
cf-ray: 671b5c64fcfdd6dd-FRA
cf-bgj: minify

GET
H2 200 alertmessage.js Show response
login.fundsforngospremium.com/js/myjs/ 364 B
364 B 16ms
15ms Script
application/javascript 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/js/myjs/alertmessage.js
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: fe11c62ffe0b69fd47bc342554ccffcd9f54598e47be6d1ea018b03046c41f9d

Request headers

:path: /js/myjs/alertmessage.js
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:39 GMT
content-encoding: br
cf-cache-status: HIT
age: 7613211
x-powered-by: ASP.NET
x-powered-by-plesk: PleskWin
last-modified: Mon, 08 Apr 2019 12:05:15 GMT
server: cloudflare
etag: W/"4f60ab533eed41:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=7776000
cf-polished: origSize=655
cf-ray: 671b5c64fd00d6dd-FRA
cf-bgj: minify

GET
H2 200 modules.4511dadc364f0ee7084d.js Show response
script.hotjar.com/ 219 KB
58 KB 107ms
39ms Script
application/javascript 13.226.145.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.4511dadc364f0ee7084d.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2012270.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-55.dus51.r.cloudfront.net

Software

Resource Hash

a0444d309dcb96f091176ba01136e8bea9fdcffa24220ed2a7aea15650fd18be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Jul 2021 14:17:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 416794
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59124
access-control-allow-origin: *
last-modified: Thu, 15 Jul 2021 14:16:08 GMT
etag: "fa62a803341910c78a5d640632dc1e3f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: OJAM9a72YxAsWmhLYKagZyJCjfuU8B1k91ie1ddeMCxZRDyD_Ao2Ww==

GET
H2 200 geolocation Show response
geotargetly-1a441.appspot.com/ 0
337 B 148ms
116ms Script
application/javascript 2a00:1450:4001:82f::2014
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geotargetly-1a441.appspot.com/geolocation?id=-LRtvQ01FLXOq3HYYOc-
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/js/myjs/geoTargetly.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2014 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
via: 1.1 google
x-powered-by: Express
content-type: application/javascript
x-cloud-trace-context: 73981e24876ad435f4c577db146a10bb/12028293971456732780;o=0
cache-control: private, no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 social-sprites.png
login.fundsforngospremium.com/img/ 9 KB
9 KB 29ms
28ms Image
image/png 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://login.fundsforngospremium.com/img/social-sprites.png
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/css/theme-elements.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3f5c7103a5a2bb450a1fc1431c135b84e880d6127e0d7e02e7082cbb6e7b8c81

Request headers

:path: /img/social-sprites.png
pragma: no-cache
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil; _hjTLDTest=1; _hjid=ae2ecf63-2c8e-4156-ac85-3e4c25f7ad18; _hjFirstSeen=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/css/theme-elements.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://login.fundsforngospremium.com/css/theme-elements.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
cf-cache-status: HIT
age: 7613212
x-powered-by: ASP.NET
content-length: 9435
x-powered-by-plesk: PleskWin
last-modified: Wed, 31 Jan 2018 11:16:31 GMT
server: cloudflare
etag: "4ca493f2849ad31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=7776000
cf-polished: origSize=10152
accept-ranges: bytes
cf-ray: 671b5c682aa8d6dd-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 fontawesome-webfont.woff
login.fundsforngospremium.com/css/fonts/font-awesome/fonts/ 43 KB
44 KB 18ms
18ms Font
font/x-woff 2606:4700:10::6816:fe6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://login.fundsforngospremium.com/css/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/css/fonts/font-awesome/css/font-awesome.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Request headers

sec-fetch-mode: cors
origin: https://login.fundsforngospremium.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ASP.NET_SessionId=etrztpw4hlwetegr1p4dzqil; _hjTLDTest=1; _hjid=ae2ecf63-2c8e-4156-ac85-3e4c25f7ad18; _hjFirstSeen=1
:path: /css/fonts/font-awesome/fonts/fontawesome-webfont.woff?v=4.0.3
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: login.fundsforngospremium.com
referer: https://login.fundsforngospremium.com/css/fonts/font-awesome/css/font-awesome.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://login.fundsforngospremium.com
Referer: https://login.fundsforngospremium.com/css/fonts/font-awesome/css/font-awesome.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-powered-by-plesk: PleskWin
date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 02 Feb 2018 08:56:54 GMT
server: cloudflare
age: 7613212
x-powered-by: ASP.NET
etag: W/"aca7c639cd31:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/x-woff
cache-control: max-age=7776000
cf-ray: 671b5c682aadd6dd-FRA

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800|Shadows+Into+Light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.fundsforngospremium.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:25:07 GMT
x-content-type-options: nosniff
age: 31113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:50 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:25:07 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN_r8OUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN_r8OUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700,800|Shadows+Into+Light

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://login.fundsforngospremium.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 03:39:05 GMT
x-content-type-options: nosniff
age: 23075
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14992
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 03:39:05 GMT

GET
H2 200 geobar Show response
geo-targetly.com/ 0
179 B 145ms
116ms Script
application/javascript 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://geo-targetly.com/geobar?id=-Lc4nUY3-COd3qdO2y1T
Requested by: Host: login.fundsforngospremium.com
URL: https://login.fundsforngospremium.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
via: 1.1 google
cache-control: private, no-cache, no-store, must-revalidate
content-type: application/javascript
x-powered-by: Express
content-length: 0
x-cloud-trace-context: 369ddb5c88dfeab163148e9fc12e9ba7/15954288150450591033;o=0

GET
H2 200 web-widget-preload-d40137b4838a3606af9c.js Show response
static.zdassets.com/web_widget/latest/ Frame BC5C 88 KB
32 KB 31ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43e849c06829b3240ef075b053aad3b34c615b9914801c69c061f0e575749d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33570
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 31A04FB7BTH490A5
x-amz-id-2: ErF2SUz/ldr7KPiXNYX4AZyLg1N/K21n2U8al+NVPkNxj5ANgmygLM4kGISf1CKvq33nLhmk4RM=
last-modified: Fri, 16 Jul 2021 00:23:16 GMT
server: cloudflare
etag: W/"e00e2a27cc13bc1da8a2070a285f6105"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngpuiqUe2ywsEo7C9AMUl4%2BBgYNhqIBm5tZsuDj8lqzAgz3s9zHnUCbXN8F58qUvfhvQlln%2BLUEpiex4b0Kwl73TwvWfb58VW6Irl4dwHJE7vNr30H5yriCjbUTNfLcmHJew4WA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: JH.36eB2EpIwSmbxNV8fwKsdRkfwas1W
cf-ray: 671b5c689eba32b8-CDG
expires: Sat, 16 Jul 2022 00:23:15 GMT

GET
H2 200 web-widget-framework-59cc049cbdce20aa9d43.js Show response
static.zdassets.com/web_widget/latest/ Frame BC5C 183 KB
59 KB 75ms
74ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-framework-59cc049cbdce20aa9d43.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90741af73a355376e00cee40c843d725ee17fd50dd102b198b04033718ad4271

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33570
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 31A7HG3JREFRJGVP
x-amz-id-2: HMvmB06M+RQdCy3qga+MvNcN5QSYvJCPCgzxJ5FhKupey8HdDvnVAzticTvz8AeIFxsHWV0Ll28=
last-modified: Fri, 16 Jul 2021 00:23:17 GMT
server: cloudflare
etag: W/"c00cc68bfd884e40d7f95fa55da84b74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RRrERxP0D0aCW7%2BuXGYyOjXV1r1ZV4%2FayFtoeXIYXkhp%2FlMnxqXJ1Yfscc0Wi%2Fqb%2FiUo%2FKY1kSrVm7U1j8M8xLIuT2XAO21g9oVT3tPZw8BjO%2FQvmjtDWJgduEJevs3qP740UVI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: MEsvMXqli9_hXKb6kJDOOcxLezFXCn9F
cf-ray: 671b5c689ebc32b8-CDG
expires: Sat, 16 Jul 2022 00:23:16 GMT

GET
H2 200 web-widget-chat-sdk-ad0bca0cd862985f164f.js Show response
static.zdassets.com/web_widget/latest/ Frame BC5C 203 KB
52 KB 54ms
54ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-sdk-ad0bca0cd862985f164f.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33574
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: AFCSZWW99A7WQ0G8
x-amz-id-2: rSUa3q7UCzR27JGJtSjs+Vr+DqiI27RkawWfu5bk9elpdJrpMc5LFnkm+rXCQd7Wix4DXsRRThw=
last-modified: Mon, 19 Jul 2021 02:04:04 GMT
server: cloudflare
etag: W/"093f405bc41723c43486a657a0e1a173"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK2lYm%2F61h2Zkcg4y0EO4vESy0SGR6gMDUHOhcOePI%2BBpXnlF9KV3EM%2BeSG9ECYIy9riBIc8EZ3V53cGupJuOpDS%2FPw1PHKEEwdB8hoaU8%2BvwE7%2BLxKxpqw3zb1HoU9S0CTVPO4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 6nLy1oZDiI0GDEsA2cGfRKjp8Mm1fRS8
cf-ray: 671b5c689ebd32b8-CDG
expires: Tue, 19 Jul 2022 02:04:03 GMT

GET
H2 200 box-25a418976ea02a6f393fbbe77cec94bb.html Show response
vars.hotjar.com/ Frame F414 2 KB
1 KB 100ms
33ms Document
text/html 13.226.145.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2012270.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-103.dus51.r.cloudfront.net
Software: /
Resource Hash: 7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-25a418976ea02a6f393fbbe77cec94bb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://login.fundsforngospremium.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://login.fundsforngospremium.com/

Response headers

content-type: text/html
content-length: 1044
date: Sun, 18 Jul 2021 00:16:30 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "76922233be8bdb14c053af468d29404a"
last-modified: Thu, 15 Jul 2021 14:16:09 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 129372028f60828d8c084fb619a69bc0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: bIQ_Xpv2XwK_kUq4FsX11TIYQ-EZrCc-66wmIPqPkWauz4NHh_HGzw==
age: 208030

GET
H2 200 config Show response
fundsforngos.zendesk.com/embeddable/ 987 B
1 KB 223ms
157ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fundsforngos.zendesk.com/embeddable/config

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f2199f63-1092-48a5-9ae0-0f4e4ab2a41b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aff644c37108a091e3f937bbd1bbfde3385ccf15b2a3e163ca8f69232079667

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://login.fundsforngospremium.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-8494c57655-lr4hn
access-control-allow-methods: GET
vary: Origin, Accept-Encoding
x-request-id: 671b5c695c1b3312-IAD
x-runtime: 0.001938
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McrGC30JCTB1IiD%2FB7kkxGZ%2FLpV4s8w6I6%2BEPaXROnPs%2Bst4SsAzs8uJ5dX15YiuInSEQnGQ%2B%2BmGYwbwIZbsjfsYZtFvm%2BulWwj271K79UanbgJKHjcMgNzpckiB5ngD%2FFH8l4hkEFvS5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 671b5c695c1b3312-CDG

GET
H2 200 en-us-json-0bb290390234d50b5b48.js Show response
static.zdassets.com/web_widget/latest/web-widget-locales/ Frame BC5C 30 KB
7 KB 30ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-locales/en-us-json-0bb290390234d50b5b48.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f57246e5f27153c76daec585bc2b7750bbe70ccf26170cfa969b1695029d830a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33572
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: R061EBB5XNZB7HYK
x-amz-id-2: Sfu3cwPcUIvQ9oIffoVRdHlrWjqtKpRlfYtoyTExxSGLKKgOa4Cvd7iZlevQYC2HbvtJSWBePPQ=
last-modified: Mon, 19 Jul 2021 02:03:31 GMT
server: cloudflare
etag: W/"91c6bc5145ec015d9bf9fa3cca8fbc3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TssAtW47DXIgzXX8nJF7lqUWo9j%2F83ErH%2B%2F7%2FYwcPc4kKcaECiGsD%2Fy3aL2oQ%2FGmVSmDQNO6EQyl%2FLqeSTiKgvj7WLo8f0vD9dVOskSXQHrZQYuFy%2FY5hV9LeUqJ7aHh0peqsT8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: oXNy6XHZkwcX2fiLZSnNBobLpk26WyxA
cf-ray: 671b5c6a58e032b8-CDG
expires: Tue, 19 Jul 2022 02:03:30 GMT

GET
H2 200 web-widget-6734-744883c66fb02df2fce0.js Show response
static.zdassets.com/web_widget/latest/ Frame BC5C 315 KB
95 KB 51ms
50ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-6734-744883c66fb02df2fce0.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f2f72e5f0a79efadb8f7e55116037d754eb85c1c8441ac532a669d69e70ddf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33575
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: R0EKKTZA9ARNVJ6R
x-amz-id-2: AaCulaNPnbvAm8xShIMoxh3eocPRh4V/p3Le7YTfjbf3h9XkXYF57ZQIG0jomwanfL+t9AG5uGE=
last-modified: Mon, 19 Jul 2021 02:04:04 GMT
server: cloudflare
etag: W/"b3e9ce3721be60e543698310d8d133ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JeUS%2BWJ00eaWdRXgbvG%2BEW32l2swL3PL%2F%2FDHSwZxukd0neVIYYTsMK3n7YOMfNlPCRHIbgZa1a6z%2BQ%2FKHc2PqxBuM596pS86bo%2B10SC0lHd0FauibRGKpDde59JpcxQMwXoDe0A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: 46_puziz7b3UnwDtKlkvUBXIudvmBDfV
cf-ray: 671b5c6a68e832b8-CDG
expires: Tue, 19 Jul 2022 02:04:03 GMT

GET
H2 200 web-widget-7800-6a0dc55989d95923b599.js Show response
static.zdassets.com/web_widget/latest/ Frame BC5C 107 KB
31 KB 48ms
48ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-7800-6a0dc55989d95923b599.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10e19b4f417ae1fb8b36c1bdcd18e733976ad1d41f53083e40e8c0a1e1f03bb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33572
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: R06DZ05REEEZ1XYJ
x-amz-id-2: nYfEOC2OVIxzY3RNmeaUKC1FIsr3GJnt9IDW2nQkJOeK/LTmqaU+eTK1f28MksEf/WrNZRpd/jA=
last-modified: Mon, 19 Jul 2021 02:04:05 GMT
server: cloudflare
etag: W/"00cac4d5f8cdb01b6173b753b0355a78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLMaCUVLFZY22ZX8fswsX2755r2R2Idq7fNfWBtTvzSe40j1XiA9yDXqttnf%2BMfjXCaTvrG2R4%2BUmEENg90wrq%2FbB2v1rnPZJpkUK7vzfTp8g%2BYycVLLA0ZEIsJvlxI17y8fCyo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: vqgWt2SR7UT2jNMldAIyznswbs_rQhHH
cf-ray: 671b5c6a68ea32b8-CDG
expires: Tue, 19 Jul 2022 02:04:04 GMT

GET
H2 200 web_widget-08ef2ab0c42a7470fb6b.js Show response
static.zdassets.com/web_widget/latest/web-widget-lazy/ Frame BC5C 416 KB
90 KB 28ms
27ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-lazy/web_widget-08ef2ab0c42a7470fb6b.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6a0126f7ab508b207828b8c37251af1e9d9afb9c7dc082401df5a08f7cd061e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 22313
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: ZFRN03HM25YRR6W7
x-amz-id-2: pa560i8Yvv0Sb7apISqpBPx2cogFa+8Ibde3GvxxBRfjzPtm9oy+sQFVxu4swnKLIvG1kBpoSMk=
last-modified: Mon, 19 Jul 2021 00:56:51 GMT
server: cloudflare
etag: W/"461c5fd0a5feb55b0104c60fce992870"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wSJBsY66luozgBivmwluYxUwLM%2FZhScGHyF2cVoLouTCZcwLGZM60TIOAuMY9209B64E6LEdifsxUlBsPc3Sm0CqGTgmyntm72mc6g09DlSqoryD2C%2FmGWbYaXALRZPNDtoo%2BLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: tbZEZYSKwfHES7EZmq4_XQGCFCUu8NxF
cf-ray: 671b5c6a68ec32b8-CDG
expires: Tue, 19 Jul 2022 00:56:50 GMT

GET
H2 200 embeddable_blip Show response
fundsforngos.zendesk.com/ Frame BC5C 0
359 B 131ms
131ms XHR
text/plain 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fundsforngos.zendesk.com/embeddable_blip?type=pageView&data=eyJjaGFubmVsIjoid2ViX3dpZGdldCIsInBhZ2VWaWV3Ijp7InJlZmVycmVyIjoiaHR0cHM6Ly9sb2dpbi5mdW5kc2Zvcm5nb3NwcmVtaXVtLmNvbS8iLCJ0aW1lIjoyNiwibG9hZFRpbWUiOjUzLjYwMDAwMDM4MTQ2OTczLCJuYXZpZ2F0b3JMYW5ndWFnZSI6ImVuLVVTIiwicGFnZVRpdGxlIjoiU2lnbiBJbiAtIGZ1bmRzZm9yTkdPcyBQcmVtaXVtIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwiaXNNb2JpbGUiOmZhbHNlLCJpc1Jlc3BvbnNpdmUiOnRydWUsInZpZXdwb3J0TWV0YSI6IndpZHRoPWRldmljZS13aWR0aCwgaW5pdGlhbC1zY2FsZT0xLjAiLCJoZWxwQ2VudGVyRGVkdXAiOmZhbHNlfSwiYnVpZCI6IjdkZmU2NDFhMjJhZWNhN2JiMzg2MjBhYzU1N2MwOTE4Iiwic3VpZCI6ImE3M2MxMWFhYWM0NDllYzNkOTYxZGE0MTA5Y2I0NjZhIiwidmVyc2lvbiI6ImJhMzQ0MDciLCJ0aW1lc3RhbXAiOiIyMDIxLTA3LTIwVDEwOjAzOjQwLjY4M1oiLCJ1cmwiOiJodHRwczovL2xvZ2luLmZ1bmRzZm9ybmdvc3ByZW1pdW0uY29tLyJ9

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-framework-59cc049cbdce20aa9d43.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:40 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g44U6nSFQWZHtPMgGoen%2BZ0RD8%2BHzuJplB96viSAa%2FlHC97xiVgWgLPWaW4J3biiAZ7x0je8t%2Fe55Juy8ej5nUUOwZgJcV4R7nIFYJBt4CykEkU2eT9cHKvwc3gHtKUnHH4G%2Ft9xSy7LQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://login.fundsforngospremium.com
accept-ranges: bytes
cf-ray: 671b5c6b5e683312-CDG
vary: Accept-Encoding
content-length: 0
x-request-id: eaabf70b5c0274af14e1f12833237ca4

GET
H2 200 web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js Show response
static.zdassets.com/web_widget/latest/ Frame BC5C 337 B
895 B 29ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/web-widget-chat-incoming-message-notification-bdfd1edd38ba2ec92175.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/latest/web-widget-preload-d40137b4838a3606af9c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:03:41 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 33569
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-request-id: 41XK3YVGSQWT8AMH
x-amz-id-2: LcB6Q+ID4UCougujCW3oKT38VKN9QWGKUbw3htTdQH27N7Fntc4pIyH0MWKN52opa7qEX5WuKlI=
last-modified: Mon, 19 Jul 2021 02:04:04 GMT
server: cloudflare
etag: W/"200371227ff3b0fb85badb2d2faef3b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=77TvgBukTTdwOgr8r%2BqcnFsYF%2B5H3%2BogeWfhd6wv1hJ6bdptO%2F%2BC1FdwlZPm0Cgdxq2eMCeH4fEffY9KpOP4QMY%2BH%2B9q4jAJrj0hUTI6o2ge2Ov61bbRfiQypC35qK9CB8nkgA4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
x-amz-version-id: ___O_wFiyDX4A56Xq4fDhtClHpW0qk0i
cf-ray: 671b5c6d9d1632b8-CDG
expires: Tue, 19 Jul 2022 02:04:03 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/latest/ Frame BC5C 19 KB
20 KB 68ms
68ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 20 Jul 2021 10:03:41 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1ZKW6EYE2HP2N5EP
x-amz-server-side-encryption: AES256
cf-ray: 671b5c6e0d9632b8-CDG
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: t/s5hMws/zhpvTbFrHtbGwPpjCs/oqtAdHZpTXPQXflH2aAXwDxZGFrEvUSXVd0tO+gwA5Vq3lE=
last-modified: Tue, 20 Jul 2021 07:07:25 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bwf94cSy2GORdZSPkn37pNwlsWDQTjrbrookCS70rZ7%2FNYQy%2FBUux9UhE%2BAODQOhlGXmMwEQu7xyoawmmR9sCicHBhIv%2Ffu2DG63%2FvJK3fnkUFj4SBV6loMCK%2BiA%2BlgqkDM2zzQ%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: eutH_2ppx_cIAlJGKV17njdK_T6qBCbZ
cache-control: public, max-age=31536000
accept-ranges: bytes
content-type: audio/mpeg; charset=utf-8
expires: Wed, 20 Jul 2022 07:07:24 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.fundsforngospremium.com/	1970-01-19 19:52:57	Name: _hjFirstSeen Value: 1
.fundsforngospremium.com/	1970-01-20 04:38:31	Name: _hjid Value: ae2ecf63-2c8e-4156-ac85-3e4c25f7ad18
.fundsforngospremium.com/	1969-12-31 23:59:59	Name: _hjTLDTest Value: 1
login.fundsforngospremium.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: etrztpw4hlwetegr1p4dzqil

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://login.fundsforngospremium.com/js/myjs/geoTargetly.js(Line 1) Message: geotargetly_loaded start

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ekr.zdassets.com
fonts.googleapis.com
fonts.gstatic.com
fundsforngos.zendesk.com
geo-targetly.com
geotargetly-1a441.appspot.com
login.fundsforngospremium.com
script.hotjar.com
static.hotjar.com
static.notifia.io
static.zdassets.com
vars.hotjar.com
104.16.51.111
104.18.70.113
104.18.72.113
13.226.145.103
13.226.145.55
13.226.145.77
2001:4860:4802:36::15
2606:4700:10::6816:fe6
2606:4700:3032::6815:51ef
2a00:1450:4001:800::2003
2a00:1450:4001:82f::2014
2a00:1450:4001:831::200a
02966eeb5dfde80f28dc9c7f39eadfa8fc88ec6b76aeea954ba87ee04d8109d1
09ad1979d8a704171ed7ed4b471c81c878e60fda7bffb996b1b47c23cc8e6d5d
0a77ebced88a45b7146f3e8b0359f37d658f0f6e0eb481583ee9319cb601d893
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
10e19b4f417ae1fb8b36c1bdcd18e733976ad1d41f53083e40e8c0a1e1f03bb1
1141ffcaccd84720cabcc0786083a9ed74803da3a7a35dee016c8b53486e1820
1249024baf0e2f454012015a71703f05326afda42d7672317e2e594b8cf28597
144524233f795d6a425b76f7ae5c0bb622b5f67e2e6ae73532ad526528ca07cf
16cc547456ffa0052c3679e6c5ece2e14ad57c92b93562deb7bcb5829b7afcb7
1bb8de3b3ae70e3ce2854c5a40b1d0899e4a005b7d3d5b67d552a3af69772737
1eea651ad3c25c836a02f4ab84ad41e9a168c0cf09801d303e6822b83891789c
2d2416606117351dda49277b74c02c6f1dee29527cc944d593ac25d19ac5e763
33a3064d0209c225219c12029eaf71e1b0949f23512d9a25f630d16ff0fb8f7c
3a09e10f9743e3df4276f9a05036d72d15cc806e249e1b7e7fa8737862a81d11
3a3ab89bc8d4feb680748ba773ff13a07c2db610c1308ec9c12040aa9b65d46b
3e6fa40a3de224420a3b06bb989d4ab052a7ac6db71fc8b15e9d2a371a3cbcb2
3f5c7103a5a2bb450a1fc1431c135b84e880d6127e0d7e02e7082cbb6e7b8c81
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
4094b87cef5a9a1e4e6fcbed73e7516caaddcb61780afe636a82285abd1a111a
412752ed1c97f0aef8acf02f8ced68186ecdf81b8182f11c981b1e3436748c52
42ef0bf401db68702e230dec3b3f94e761875118cfaf80bed2a7ea706712d0ac
43e849c06829b3240ef075b053aad3b34c615b9914801c69c061f0e575749d62
4d01a5693cfe33ad90a1cc834e13686f938684d3e5fc9d827c8701ded41e1f16
5f597583f3f3781adce860cd618485b524c79b5e34a68f99718379098b2bb677
764c350ccd8d0911436e77f23fbf24246319f25992410fbd1a55545780386bde
790b236022be5a732fc16876483d2c76cf564a6e35da0c636bcf5c54ffec96d6
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7caa2c06cbcd21c051487ec84370bf55b7ff56763577c77225bd7a2424bdce0c
8aff644c37108a091e3f937bbd1bbfde3385ccf15b2a3e163ca8f69232079667
90741af73a355376e00cee40c843d725ee17fd50dd102b198b04033718ad4271
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
9cd9c2d5dc590284c1c7c3edf64589f6e50236729ad206bb807fad4f13567960
9e438f02e5b74b44471f238b9cea28eb3c3466ac47bc1864f93d88a3ccf4b65e
9f2f72e5f0a79efadb8f7e55116037d754eb85c1c8441ac532a669d69e70ddf2
9f5be0f673361697b255e5ca6d2b3a85eb40e480af3faa8c30174d2d02a50300
9f7216d2f53a731d9749077c22e15cfb38bcdc40806511ccf736f440c7569d64
a0444d309dcb96f091176ba01136e8bea9fdcffa24220ed2a7aea15650fd18be
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b21c73b12d05294d22b53430e527000d38361b509375b6cdf7dc23c2ebd3a4ba
be4f5b6de2f17ff34c98a016f54455b116f17dcd0d0dbe9d3e3e36dfc6856fec
c424a8899846443ad33cd4d5f3b8c490f4925a2dc25ebc5617a9f5473b66f420
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
d01ea2db29ba80e1af6dd1c8694644dc8bda67b664e5e3e93e797cd97ff03612
d431115b4453bc65ca9bfbfe71d104b51d93f59f338f4d3d14931e5c5173fdfa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e468c6f40f428fa6610c158b24412b688f68f83602da492300f97dace461cdae
e6a0126f7ab508b207828b8c37251af1e9d9afb9c7dc082401df5a08f7cd061e
eee2832920de823a77ade71ddf71f135ef58d3d7aa14c2e48036e1faec3c2762
f57246e5f27153c76daec585bc2b7750bbe70ccf26170cfa969b1695029d830a
f9b86ec0dc87f9bac46d54793f3871c7a54f547d756c36813b0e058d95b5193d
fada2e501e3e451893de2b97bb6bb9662376cf0cd69017622b6909532560cbfe
fc487e64c8c8a9c4962f61b0fbe2601a14be606089f62b41e0820e42153a2091
fe11c62ffe0b69fd47bc342554ccffcd9f54598e47be6d1ea018b03046c41f9d

login.fundsforngospremium.com Open in urlscan Pro 2606:4700:10::6816:fe6 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

50 %IPv6

9 Domains

12 Subdomains

12 IPs

2 Countries

782 kBTransfer

2484 kBSize

4 Cookies

13 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

login.fundsforngospremium.com Open in urlscan Pro
2606:4700:10::6816:fe6 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

50 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

782 kB
Transfer

2484 kB
Size

4
Cookies

57 HTTP transactions
0 data transactions