Submitted URL: https://billneedsakidney.com.billneedsakidney.com/
Effective URL: https://nkr.org/GAZ879/
Submission: On January 08 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 27 HTTP transactions. The main IP is 50.57.6.182, located in United States and belongs to RACKSPACE, US. The main domain is nkr.org.
TLS certificate: Issued by Thawte RSA CA 2018 on November 12th 2021. Valid for: a year.
This is the only time nkr.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | Apex Domain | Subdomains | Transfer
20 | nkr.org | nkr.org | 6 MB
5 | gstatic.com | fonts.gstatic.com, www.gstatic.com | 219 KB
1 | google.com | www.google.com (Cisco Umbrella Rank: 8) | 967 B
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 1 KB
1 | billneedsakidney.com | billneedsakidney.com.billneedsakidney.com | 129 B
Total: 27 requests, 5 apex domains

Requests | Domain | Requested by
20 | nkr.org | nkr.org
4 | fonts.gstatic.com | fonts.googleapis.com
1 | www.gstatic.com | www.google.com
1 | www.google.com | nkr.org
1 | fonts.googleapis.com | nkr.org
1 | billneedsakidney.com.billneedsakidney.com | 1 redirects
Total: 27 requests, 6 domains

This site contains links to these domains.

Domain
www.kidneyregistry.org
www.facebook.com
www.linkedin.com
twitter.com
www.youtube.com

Subject | Issuer | Validity | Valid
nkr.org | Thawte RSA CA 2018 | 2021-11-12 - 2022-12-12 | a year
upload.video.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
www.google.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-11-29 - 2022-02-21 | 3 months

This page contains 1 frames:

Primary Page: https://nkr.org/GAZ879/
Frame ID: C41D21E14ED1E65EA7A0087548308AE8
Requests: 27 HTTP requests in this frame

Page Title

William Hunnewell Needs a Kidney | Can You Help?

Page URL History

  1. https://billneedsakidney.com.billneedsakidney.com/ HTTP 301
    https://nkr.org/GAZ879/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

27 Requests
100 % HTTPS
83 % IPv6
5 Domains
6 Subdomains
5 IPs
2 Countries
6231 kB Transfer
7707 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://billneedsakidney.com.billneedsakidney.com/ HTTP 301
    https://nkr.org/GAZ879/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
nkr.org/GAZ879/
Redirect Chain
  • https://billneedsakidney.com.billneedsakidney.com/
  • https://nkr.org/GAZ879/
3 KB
2 KB
Document
General
Full URL
https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
eb64aa6aa4e5df60d7543db718104e25ff077a47ae9c4f62fe7696c3d89f1a79

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Transfer-Encoding
chunked
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-Powered-By
ASP.NET
Date
Sat, 08 Jan 2022 01:59:57 GMT

Redirect headers

location
https://nkr.org/GAZ879/
date
Sat, 08 Jan 2022 02:01:10 GMT
content-type
text/html; charset=UTF-8
server
ghs
content-length
220
x-xss-protection
0
x-frame-options
SAMEORIGIN
vendor.css
nkr.org/dist/
975 KB
794 KB
Stylesheet
General
Full URL
https://nkr.org/dist/vendor.css?v=UNFtmdCo7PrzNfi3mokYu7fYQBShIw7iCvEYwWUvN-A
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
50d16d99d0a8ecfaf335f8b79a8918bbb7d84014a1230ee20af118c1652f37e0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 01:04:08 GMT
X-Powered-By
ASP.NET
ETag
"1d802994eac0974"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
site.css
nkr.org/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://nkr.org/css/site.css?v=DJBqSRMyeHM8Sk2hzbN_GabQJZHjcsOwqhZmOvjSWUI
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0c906a49133278733c4a4da1cdb37f19a6d02591e372c3b0aa16663af8d25942

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
X-Powered-By
ASP.NET
ETag
"1d721dd4633a4f8"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
microsite.css
nkr.org/css/
21 KB
6 KB
Stylesheet
General
Full URL
https://nkr.org/css/microsite.css?v=fkocUIzodSQZLSRvzao_OMQPIOKvsCcvAHF9u3lAdzQ
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
7e4a1c508ce87524192d246fcdaa3f38c40f20e2afb0272f00717dbb79407734

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
X-Powered-By
ASP.NET
ETag
"1d721dd4633fcd0"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
main-client.css
nkr.org/dist/
272 B
555 B
Stylesheet
General
Full URL
https://nkr.org/dist/main-client.css?v=gLYHrvwbFK5en0G5H7UqCPs7wnKxRyXzUzD1tBjh3Y8
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
80b607aefc1b14ae5e9f41b91fb52a08fb3bc272b14725f35330f5b418e1dd8f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 01:04:08 GMT
X-Powered-By
ASP.NET
ETag
"1d802994ea33510"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Accept-Ranges
bytes
css
fonts.googleapis.com/
8 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,700
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0f36643f17fd2f76b0c5d000e00096eb0ae610d9c6ecd7f92e5e99b73d7cc605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 08 Jan 2022 02:01:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 08 Jan 2022 02:01:11 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 08 Jan 2022 02:01:11 GMT
api.js
www.google.com/recaptcha/
850 B
967 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b655579f520f29e1d87f6bc6039d68386234b8b0f2cbe3ddca9c88a336fdcd9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 02:01:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Sat, 08 Jan 2022 02:01:11 GMT
vendor.js
nkr.org/dist/
1 MB
533 KB
Script
General
Full URL
https://nkr.org/dist/vendor.js?v=QR4uwPbBuo07VWbC1Hz86GQy6TB-cLkyipZaCy5IQ_o
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
411e2ec0f6c1ba8d3b5566c2d47cfce86432e9307e70b9328a965a0b2e4843fa

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 01:04:08 GMT
X-Powered-By
ASP.NET
ETag
"1d802994eb6a9b6"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
main-client.js
nkr.org/dist/
299 KB
88 KB
Script
General
Full URL
https://nkr.org/dist/main-client.js?v=sHi70wd6iF2e27M84q7Z332ZH_Uyk7wc7i0kgvAO95A
Requested by
Host: nkr.org
URL: https://nkr.org/GAZ879/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
b078bbd3077a885d9edbb33ce2aed9df7d991ff53293bc1cee2d2482f00ef790

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 01:59:58 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Jan 2022 01:04:08 GMT
X-Powered-By
ASP.NET
ETag
"1d802994ea79ee9"
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Accept-Ranges
bytes
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nkr.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 04:37:19 GMT
x-content-type-options
nosniff
age
249832
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 04:37:19 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/
352 KB
140 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nkr.org/
Origin
https://nkr.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 23:45:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8120
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142561
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 23:45:51 GMT
GAZ879
nkr.org/microsite/
4 KB
4 KB
XHR
General
Full URL
https://nkr.org/microsite/GAZ879
Requested by
Host: nkr.org
URL: https://nkr.org/dist/vendor.js?v=QR4uwPbBuo07VWbC1Hz86GQy6TB-cLkyipZaCy5IQ_o
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4e616ef5ebaf23785b7d9f6bb82236a3777604a16345229f41851e7128de2078

Request headers

Accept
application/json, text/plain, */*
Referer
https://nkr.org/GAZ879/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
bg-profile.png
nkr.org/images/
10 KB
10 KB
Image
General
Full URL
https://nkr.org/images/bg-profile.png
Requested by
Host: nkr.org
URL: https://nkr.org/css/microsite.css?v=fkocUIzodSQZLSRvzao_OMQPIOKvsCcvAHF9u3lAdzQ
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
effd6b6661c6a7ade919c54ffef8fce99d81bb33732e2cbd2f4a183be116e6c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/css/microsite.css?v=fkocUIzodSQZLSRvzao_OMQPIOKvsCcvAHF9u3lAdzQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd463388fd"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
9981
Content-Type
image/png
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nkr.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 06:44:42 GMT
x-content-type-options
nosniff
age
69390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 07 Jan 2023 06:44:42 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/
19 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nkr.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 20:14:30 GMT
x-content-type-options
nosniff
age
193602
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 20:14:30 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v18/
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,400i,500,500i,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://nkr.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 18:02:31 GMT
x-content-type-options
nosniff
age
287921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20248
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 18:02:31 GMT
nkr-logo-white.svg
nkr.org/images/
16 KB
16 KB
Image
General
Full URL
https://nkr.org/images/nkr-logo-white.svg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
76bc63b7e9ce8aa31f2d3aad83217547ff9334d58da171d1d3fce506dbcae849

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd46339008"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
15880
Content-Type
image/svg+xml
image
nkr.org/microsite/
39 KB
39 KB
Image
General
Full URL
https://nkr.org/microsite/image?filename=53c7a2d9a4e3fb0a46d987530f7df9b7.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
85926bf8a585ad49d27a17fc24afc6748f05babfc49f3ab2c5f1d449c090444d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
Content-Disposition
attachment; filename=53c7a2d9a4e3fb0a46d987530f7df9b7.jpg; filename*=UTF-8''53c7a2d9a4e3fb0a46d987530f7df9b7.jpg
X-Powered-By
ASP.NET
Content-Length
39959
Content-Type
image/jpeg
image
nkr.org/microsite/
1 MB
1 MB
Image
General
Full URL
https://nkr.org/microsite/image?filename=6293f5c2faf9bdbdc5a6ce0ee7b2031e.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
4a222e40995b9a85ceef1114739c91a2e70b051e12d0e43246afebd87da13322

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
Content-Disposition
attachment; filename=6293f5c2faf9bdbdc5a6ce0ee7b2031e.jpg; filename*=UTF-8''6293f5c2faf9bdbdc5a6ce0ee7b2031e.jpg
X-Powered-By
ASP.NET
Content-Length
1404418
Content-Type
image/jpeg
image
nkr.org/microsite/
682 KB
682 KB
Image
General
Full URL
https://nkr.org/microsite/image?filename=b9685072c38f524194c25f66cc26f48e.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
53193055b477b266a1bd275503a2b25b0f6e7f840f0ea038f7b1c7d922df7fcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
Content-Disposition
attachment; filename=b9685072c38f524194c25f66cc26f48e.jpg; filename*=UTF-8''b9685072c38f524194c25f66cc26f48e.jpg
X-Powered-By
ASP.NET
Content-Length
698552
Content-Type
image/jpeg
image
nkr.org/microsite/
2 MB
2 MB
Image
General
Full URL
https://nkr.org/microsite/image?filename=7c2643fa3c1f87bba32402c2e13c2851.JPG
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
83bac68108f85dc75ea6fff4dd833d2330e66d85142f485a8fff2b3a1dbc85d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
Content-Disposition
attachment; filename=7c2643fa3c1f87bba32402c2e13c2851.JPG; filename*=UTF-8''7c2643fa3c1f87bba32402c2e13c2851.JPG
X-Powered-By
ASP.NET
Content-Length
2499898
Content-Type
image/jpeg
icon-kidneys.svg
nkr.org/images/
1 KB
1 KB
Image
General
Full URL
https://nkr.org/images/icon-kidneys.svg
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
cb94a452936707f949567fa42926ebbdd4d46ae3a285ad6b9a226a314ccbe73a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd4633aa2d"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
1069
Content-Type
image/svg+xml
f_logo_RGB-Blue_58.png
nkr.org/images/
2 KB
3 KB
Image
General
Full URL
https://nkr.org/images/f_logo_RGB-Blue_58.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
055b86bac8b7e6902f4cce2ff8c77d055cb439f2f94e9c784c968a0f9a5fd7ef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd4633a7a1"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
2465
Content-Type
image/png
linkedIn_PNG38.png
nkr.org/images/
5 KB
5 KB
Image
General
Full URL
https://nkr.org/images/linkedIn_PNG38.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
f083f2e59ef1a81881a2efbd4308d6c9400330829e4b0f82a8dc15cb5d8960c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd4633bae9"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
5353
Content-Type
image/png
580b57fcd9996e24bc43c53e.png
nkr.org/images/
4 KB
4 KB
Image
General
Full URL
https://nkr.org/images/580b57fcd9996e24bc43c53e.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
3054edb12326d858feb0fb3a25e314b0af2d2329091a534ff1e49499565b4009

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd4633a10f"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
3855
Content-Type
image/png
6260efc8fc9a9002669d2f4ad9956cc0.png
nkr.org/images/
8 KB
8 KB
Image
General
Full URL
https://nkr.org/images/6260efc8fc9a9002669d2f4ad9956cc0.png
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
0788479a8aa97da24f5f765716756b3fcb8a2a5f78e17a04858854231bb9d8b0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://nkr.org/GAZ879/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
ETag
"1d721dd4633b018"
Last-Modified
Fri, 26 Mar 2021 01:13:48 GMT
Accept-Ranges
bytes
X-Powered-By
ASP.NET
Content-Length
7704
Content-Type
image/png
initial
nkr.org/microsite/GAZ879/stats/
16 B
181 B
XHR
General
Full URL
https://nkr.org/microsite/GAZ879/stats/initial
Requested by
Host: nkr.org
URL: https://nkr.org/dist/vendor.js?v=QR4uwPbBuo07VWbC1Hz86GQy6TB-cLkyipZaCy5IQ_o
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
50.57.6.182 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Accept
application/json, text/plain, */*
Referer
https://nkr.org/GAZ879/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Sat, 08 Jan 2022 02:00:00 GMT
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onsecuritypolicyviolation
  • object| onslotchange
  • object| ___grecaptcha_cfg
  • object| grecaptcha
  • string| __recaptcha_api
  • boolean| __google_recaptcha_client
  • object| recaptcha
  • object| webpackJsonp
  • object| scCGSHMRCache
  • function| _
  • function| setImmediate
  • function| clearImmediate

1 Cookies

Domain/Path Name / Value
nkr.org/ Name: nkr-microsite
Value: %7B%22initialVisit%22%3Atrue%2C%22learnMoreVisit%22%3Afalse%2C%22eligibleVisit%22%3Afalse%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
