help-fund-ukraine.org Open in urlscan Pro
198.54.114.155  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response help-fund-ukraine.org/	29 KB 11 KB	640ms 299ms	Document text/html	198.54.114.155 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.114.155 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server71-1.web-hosting.com Software LiteSpeed / PHP/7.2.34 Resource Hash 6f28d8bdbd636a3987ab414a2bca1a74a5b9374507dc01bc2ca2f00f867450ba Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-powered-by PHP/7.2.34 content-type text/html; charset=UTF-8 content-encoding br vary Accept-Encoding date Tue, 08 Mar 2022 06:00:39 GMT server LiteSpeed x-turbo-charged-by LiteSpeed
GET H2	404	google_tag.script.js help-fund-ukraine.org/sites/default/files/google_tag/primary/	0 0	152ms 150ms	Script text/html	198.54.114.155 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://help-fund-ukraine.org/sites/default/files/google_tag/primary/google_tag.script.js?r7tuc2 Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 198.54.114.155 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server71-1.web-hosting.com Software LiteSpeed / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 08 Mar 2022 06:00:40 GMT cache-control private, no-cache, no-store, must-revalidate, max-age=0 x-turbo-charged-by LiteSpeed server LiteSpeed content-length 1238 content-type text/html
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/	137 KB 22 KB	81ms 47ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/css/bootstrap.min.css Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://help-fund-ukraine.org/ Origin https://help-fund-ukraine.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:40 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 863, 718 access-control-allow-origin * cdn-cachedat 2022-02-23 12:52:16 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.0 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:04 GMT server cloudflare cdn-requestpullcode 200 etag W/"fee68c0f2f583161134a1fcb5950501d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid a20f6efc6547c3b753ac9d2443bb4b4d cf-ray 6e895a129f1dcc62-ZRH cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H/1.1	403 Forbidden	fonts.css cloud.typography.com/7240754/7940372/css/	0 0	1032ms 972ms	Stylesheet text/html	104.111.232.231 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cloud.typography.com/7240754/7940372/css/fonts.css Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.111.232.231 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-232-231.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	css_9m8-tA3IQf8ThlLQYTTZUyEweCvyR908Tg0XCbKYOfY.css support.crs.org/sites/default/files/css/	7 KB 3 KB	850ms 280ms	Stylesheet text/css	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://support.crs.org/sites/default/files/css/css_9m8-tA3IQf8ThlLQYTTZUyEweCvyR908Tg0XCbKYOfY.css Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f66f3eb40dc841ff138652d06134d9532130782bf247dd3c4e0d1709b29839f6 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"620678d3-1b00" age 302871 x-pantheon-styx-hostname styx-fe2-a-854c9bcdfb-5k4wl x-cache HIT, HIT x-cloud-trace-context 40d1d83cba844afaa181f8e1632ea07d/6897397804740211534;o=0 content-length 2153 x-served-by cache-mdw17368-MDW, cache-maa10224-MAA last-modified Fri, 11 Feb 2022 14:55:15 GMT server nginx traceparent 00-40d1d83cba844afaa181f8e1632ea07d-5fb87ac26a19734e-00 x-timer S1646719241.803883,VS0,VE1 date Tue, 08 Mar 2022 06:00:40 GMT vary Accept-Encoding content-type text/css via 1.1 varnish, 1.1 varnish expires Wed, 01 Mar 2023 20:30:51 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id 51ec5521-98d5-11ec-934f-4a8c89ef3871 x-cache-hits 1, 1
GET H2	200	css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css support.crs.org/sites/default/files/css/	39 KB 11 KB	850ms 281ms	Stylesheet text/css	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 401f8a7869fd072f44e90a2936e87f31a1da226ec28f1898050fa796885ed630 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"620bfd70-9abe" age 302870 x-pantheon-styx-hostname styx-fe2-a-854c9bcdfb-2fxw6 x-cache HIT, HIT x-cloud-trace-context fdd15d63e2574dd3a12d50b034a2bb09/3717734455696648084;o=0 content-length 10592 x-served-by cache-mdw17338-MDW, cache-maa10224-MAA last-modified Tue, 15 Feb 2022 19:22:24 GMT server nginx traceparent 00-fdd15d63e2574dd3a12d50b034a2bb09-33980bca41076794-00 x-timer S1646719241.803969,VS0,VE1 date Tue, 08 Mar 2022 06:00:40 GMT vary Accept-Encoding content-type text/css via 1.1 varnish, 1.1 varnish expires Sun, 05 Mar 2023 15:38:44 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id 2d00c0ff-9bd1-11ec-bfa3-96c37c48ed2d x-cache-hits 1, 1
GET H/1.1	200 OK	at.js Show response d1aqhv4sn5kxtx.cloudfront.net/actiontag/	844 KB 240 KB	35ms 8ms	Script application/javascript	108.138.24.196 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 108.138.24.196 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-138-24-196.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash 874edd5f4bde7c59b6be5897835f32740990d2af389d4ded57922556ea10f8e6 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 08 Mar 2022 04:38:47 GMT Content-Encoding gzip Age 4913 X-Cache Hit from cloudfront Connection keep-alive Content-Length 245558 Access-Control-Allow-Origin * Last-Modified Tue, 01 Mar 2022 15:33:08 GMT Server AmazonS3 ETag "45bb662fde11217adb4889a997a16cb2" Access-Control-Max-Age 3000 Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Via 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront) Cache-Control max-age=900, s-maxage=86400, public X-Amz-Cf-Pop FRA56-P7 Accept-Ranges bytes X-Amz-Cf-Id 80QIe21Hivmg3Iiq-Bnyi_4b10vqZxBnStRJrstJY86E0jf513QFYA==
GET H2	200	1200px-Outline_of_Ukraine.svg.png upload.wikimedia.org/wikipedia/commons/thumb/0/0f/Outline_of_Ukraine.svg/	18 KB 18 KB	91ms 36ms	Image image/webp	2620:0:862:ed1a::2:b WIKIMEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://upload.wikimedia.org/wikipedia/commons/thumb/0/0f/Outline_of_Ukraine.svg/1200px-Outline_of_Ukraine.svg.png Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US), Reverse DNS Software ATS/8.0.8 / Resource Hash 8de49af428a02a2743a243bec44bbe2f6ae81c3beec6e320aae3b0ac7cd980a7 Security Headers Name Value Strict-Transport-Security max-age=106384710; includeSubDomains; preload Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 07 Mar 2022 14:04:43 GMT nel { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0} age 57357 x-cache-status hit-front x-cache cp3059 miss, cp3055 hit/66 content-disposition inline;filename*=UTF-8''Outline_of_Ukraine.svg.webp server-timing cache;desc="hit-front", host;desc="cp3055" content-length 18062 x-client-ip 2001:ac8:20:3b00:1012:af88:619b:e351 last-modified Tue, 22 Feb 2022 17:30:21 GMT server ATS/8.0.8 etag 2d28d32e6025831a3ec88add7c3b8634 strict-transport-security max-age=106384710; includeSubDomains; preload report-to { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] } content-type image/webp access-control-allow-origin * x-timestamp 1645551020.98133 permissions-policy interest-cohort=() accept-ranges bytes timing-allow-origin * access-control-expose-headers Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/2.2.4/	84 KB 84 KB	32ms 8ms	Script text/javascript	2a00:1450:4001:810::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 07 Mar 2022 17:09:25 GMT x-content-type-options nosniff age 46275 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 85578 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 07 Mar 2023 17:09:25 GMT
GET H2	200	lightcase.css www.crs.org/sites/all/themes/crs/css/	17 KB 4 KB	185ms 21ms	Stylesheet text/css	2606:4700:10::ac43:170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crs.org/sites/all/themes/crs/css/lightcase.css Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4870bae057c798d3f0f01dda825755b0ee09febb105bb778e2962e9111bf223d Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT content-encoding gzip cf-cache-status HIT age 1005004 x-pantheon-styx-hostname styx-fe3-b-5d7dc955b9-rp99f x-cache MISS, MISS x-cloud-trace-context e7650c7215dc484aae0a38fb42803fdc/3345401992284909071;o=0 strict-transport-security max-age=300 content-length 3533 x-served-by cache-mdw17355-MDW, cache-fra19160-FRA last-modified Wed, 23 Feb 2022 21:08:11 GMT server cloudflare traceparent 00-e7650c7215dc484aae0a38fb42803fdc-2e6d41632506ae0f-00 x-timer S1645714238.512787,VS0,VE185 etag W/"6216a23b-436e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/css via 1.1 varnish, 1.1 varnish expires Sat, 25 Feb 2023 14:50:37 GMT cache-control max-age=31622400 accept-ranges bytes cf-ray 6e895a194eed01fc-ZRH x-styx-req-id 20da5c3c-9581-11ec-af31-0e52f6655b65 x-cache-hits 0, 0
GET H2	200	lightcase.js Show response www.crs.org/sites/all/themes/crs/js/	53 KB 14 KB	98ms 24ms	Script application/x-javascript	2606:4700:10::ac43:170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.crs.org/sites/all/themes/crs/js/lightcase.js Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05ef239e521579561d6a59430738d43c4743e1c03fb250fc4a03866711b3e9c1 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT content-encoding gzip cf-cache-status HIT age 1005004 x-pantheon-styx-hostname styx-fe3-a-b5f76b597-wg5jq x-cache HIT, HIT x-cloud-trace-context bf4afc47ddf7499d88a8565543e3f616/10449872096489040615;o=0 strict-transport-security max-age=300 content-length 13702 x-served-by cache-mdw17339-MDW, cache-fra19126-FRA last-modified Tue, 22 Feb 2022 20:53:04 GMT server cloudflare traceparent 00-bf4afc47ddf7499d88a8565543e3f616-9105674e537eeae7-00 x-timer S1645714238.514177,VS0,VE115 etag W/"62154d30-d53b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript via 1.1 varnish, 1.1 varnish expires Fri, 24 Feb 2023 16:45:40 GMT cache-control max-age=31622400 accept-ranges bytes cf-ray 6e895a194eee01fc-ZRH x-styx-req-id 09070b26-94c8-11ec-863a-36b8125a7c73 x-cache-hits 1, 1
GET H2	200	Comodo-Secure-Seal.jpg cheapsslsecurity.com/p/wp-content/uploads/2019/07/	63 KB 64 KB	83ms 27ms	Image image/jpeg	104.22.75.85 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cheapsslsecurity.com/p/wp-content/uploads/2019/07/Comodo-Secure-Seal.jpg Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.22.75.85 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / ARR/3.0 Resource Hash 5295cbde8cf5711762ee17cb8bf4ae535cc8c8b87da029038ce272bd6eed62ec Security Headers Name Value Content-Security-Policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval'; Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * 'self' data: 'unsafe-inline' 'unsafe-eval'; vary Accept-Encoding x-permitted-cross-domain-policies none age 568802 x-fw-server Flywheel/4.1.0 date Tue, 08 Mar 2022 06:00:41 GMT pragma public referrer-policy strict-origin-when-cross-origin cf-bgj h2pri etag "5d28d9fe-fd3e" x-frame-options SAMEORIGIN content-type image/jpeg access-control-allow-origin domain cache-control public, max-age=2592000 x-fw-static YES strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT x-cacheable YES x-powered-by ARR/3.0 x-cache MISS content-length 64830 x-xss-protection 1; mode=block x-fw-type VISIT last-modified Fri, 12 Jul 2019 19:05:34 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-fw-hash s6iwul7r1t x-fw-serve TRUE permissions-policy geolocation=();fullscreen 'none'; microphone 'none'; accept-ranges bytes cf-ray 6e895a194eb8900a-FRA
GET H2	200	js_FakYiWsNdpUmX6Xx-j1kMthb4evGTUodjIbO2qXT4RU.js Show response support.crs.org/sites/default/files/js/	104 KB 40 KB	281ms 280ms	Script application/x-javascript	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://support.crs.org/sites/default/files/js/js_FakYiWsNdpUmX6Xx-j1kMthb4evGTUodjIbO2qXT4RU.js Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 15a918896b0d7695265fa5f1fa3d6432d85be1ebc64d4a1d8c86cedaa5d3e115 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"62164c5c-1a091" age 302872 x-pantheon-styx-hostname styx-fe2-b-d8dd6bb59-zk7zw x-cache HIT, HIT x-cloud-trace-context e2f09772603349bc8a32c3c65bae1407/13243932155267739893;o=0 content-length 40417 x-served-by cache-mdw17367-MDW, cache-maa10224-MAA last-modified Wed, 23 Feb 2022 15:01:48 GMT server nginx traceparent 00-e2f09772603349bc8a32c3c65bae1407-b7cbe620381b70f5-00 x-timer S1646719241.286455,VS0,VE1 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type application/x-javascript via 1.1 varnish, 1.1 varnish expires Fri, 24 Feb 2023 15:01:49 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id 86c81cd1-94b9-11ec-b637-f664f5746c29 x-cache-hits 1, 1
GET H2	200	css_PFBO8uboD77JNePDjA3dz6pByA8wAadAuzYJPfD_Ntg.css support.crs.org/sites/default/files/css/	1 KB 851 B	279ms 279ms	Stylesheet text/css	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Full URL https://support.crs.org/sites/default/files/css/css_PFBO8uboD77JNePDjA3dz6pByA8wAadAuzYJPfD_Ntg.css Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3c504ef2e6e80fbec935e3c38c0dddcfaa41c80f3001a740bb36093df0ff36d8 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"620678d1-43f" age 302872 x-pantheon-styx-hostname styx-fe2-a-55bcb968f4-2fghz x-cache HIT, HIT x-cloud-trace-context 37660ed9e6ec457285be27a66247b0c8/5734764088553850640;o=0 content-length 531 x-served-by cache-mdw17345-MDW, cache-maa10224-MAA last-modified Fri, 11 Feb 2022 14:55:13 GMT server nginx traceparent 00-37660ed9e6ec457285be27a66247b0c8-4f95f98df0eb4710-00 x-timer S1646719241.286527,VS0,VE1 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type text/css via 1.1 varnish, 1.1 varnish expires Sun, 12 Feb 2023 14:55:17 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id a07f2c25-8b4a-11ec-ab81-8a09d522465a x-cache-hits 1, 1
GET H2	200	gtm.js Show response www.googletagmanager.com/	94 KB 37 KB	82ms 30ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-N462KH Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash a371c45c4513640f275ef8438e603b57949d43c9bb2940ced4efddce9f777e36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37396 x-xss-protection 0 expires Tue, 08 Mar 2022 06:00:41 GMT
GET H2	200	image00001.jpeg www.wvi.org/sites/default/files/inline-images/	78 KB 78 KB	499ms 192ms	Image image/jpeg	107.21.104.61 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://www.wvi.org/sites/default/files/inline-images/image00001.jpeg Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 107.21.104.61 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-107-21-104-61.compute-1.amazonaws.com Software nginx / Resource Hash d3ab3899f7bf9e9e2b0865c22d74a84fdf08b73c011d45bc264639d740431d0c Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT via varnish x-content-type-options nosniff expires Tue, 15 Mar 2022 17:11:02 GMT last-modified Sat, 26 Feb 2022 10:44:47 GMT server nginx age 564579 x-cache HIT content-type image/jpeg x-ah-environment prod cache-control max-age=1209600 accept-ranges bytes content-length 79872 x-request-id v-927faf84-9982-11ec-a447-6767869c7989 x-cache-hits 362
GET H2	204	identity Show response profile.ngpvan.com/	0 571 B	820ms 754ms	Script text/plain	45.60.33.183 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://profile.ngpvan.com/identity?callback=_jqjsp Requested by Host: d1aqhv4sn5kxtx.cloudfront.net URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.33.183 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software Microsoft-IIS/10.0 / Express, ASP.NET Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT reason Returned 204 - No Content. Referrer not whitelisted server Microsoft-IIS/10.0 x-powered-by Express, ASP.NET etag W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI" x-iinfo 10-20831668-20831671 NNNN CT(-1 -1 2) RT(1646719240786 0) q(0 0 5 8) r(8 8) U5 x-cdn Imperva request-context appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
GET H2	200	gtm.js Show response www.googletagmanager.com/	114 KB 42 KB	22ms 20ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer Requested by Host: d1aqhv4sn5kxtx.cloudfront.net URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 996d99530217484273c7ad77a34cad8cd2ffe5355e8633d0ef82559e7cb03300 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42129 x-xss-protection 0 expires Tue, 08 Mar 2022 06:00:41 GMT
GET H2	200	pie_chart_92_web_english.png www.crs.org/sites/default/files/crs-files/	41 KB 41 KB	20ms 19ms	Image image/png	2606:4700:10::ac43:170 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.crs.org/sites/default/files/crs-files/pie_chart_92_web_english.png Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:170 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a467077742fb51f1474737384fd036ebca4c1fef44fd2424bf2671f9aaac0aaa Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 08 Mar 2022 06:00:41 GMT via 1.1 varnish, 1.1 varnish cf-cache-status HIT age 1029962 x-pantheon-styx-hostname styx-fe3-b-7766ff95df-h9b8f x-cache HIT, HIT x-cloud-trace-context 9385ab9471c24c6386fb13ce7e1eb80b/15280313862349931436;o=0 strict-transport-security max-age=300 content-length 41774 x-served-by cache-mdw17369-MDW, cache-fra19161-FRA last-modified Wed, 01 Apr 2020 20:19:36 GMT server cloudflare traceparent 00-9385ab9471c24c6386fb13ce7e1eb80b-d40e947fcdd843ac-00 x-timer S1645689279.397431,VS0,VE2 etag "5e84f758-a32e" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/png x-styx-req-id 5726bcd8-8812-11ec-a554-eeb185e110ef expires Wed, 08 Feb 2023 12:34:49 GMT cache-control max-age=31622400 accept-ranges bytes cf-ray 6e895a198f3301fc-ZRH x-cache-hits 1, 1
GET H2	200	charity-navigator.svg support.crs.org/themes/crs/images/	4 KB 2 KB	467ms 466ms	Image image/svg+xml	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://support.crs.org/themes/crs/images/charity-navigator.svg Requested by Host: support.crs.org URL: https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 5354ba92677c138eef4e3febf3612ecdfc7b47906845a747d39b97f3c5e320e8 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"621f97a5-1191" age 302872 x-pantheon-styx-hostname styx-fe2-b-f66bf767-lwlpw x-cache HIT, HIT x-cloud-trace-context ff79fda44fd6478b9bfd539fead8a1c4/2202723293143297928;o=0 content-length 1880 x-served-by cache-mdw17326-MDW, cache-maa10224-MAA access-control-allow-origin * last-modified Wed, 02 Mar 2022 16:13:25 GMT server nginx traceparent 00-ff79fda44fd6478b9bfd539fead8a1c4-1e91a52a2248ef88-00 x-timer S1646719241.385934,VS0,VE1 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Sun, 05 Mar 2023 17:52:49 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id e7d667ad-9be3-11ec-838b-0e58a11f3eb3 x-cache-hits 2, 1
GET H2	200	bbb-accredited-charity-wide-2021.svg support.crs.org/themes/crs/images/	6 KB 3 KB	467ms 466ms	Image image/svg+xml	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://support.crs.org/themes/crs/images/bbb-accredited-charity-wide-2021.svg Requested by Host: support.crs.org URL: https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 648c6ceba8cf5314e681a036a3e4262d92d969044b42c5bf14c7fd4a110c7bfa Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"621f979d-169b" age 302872 x-pantheon-styx-hostname styx-fe2-a-854c9bcdfb-25db4 x-cache HIT, HIT x-cloud-trace-context 30f36df659fd4e02987704ead9da056e/7381228617615190056;o=0 content-length 2393 x-served-by cache-mdw17346-MDW, cache-maa10224-MAA access-control-allow-origin * last-modified Wed, 02 Mar 2022 16:13:17 GMT server nginx traceparent 00-30f36df659fd4e02987704ead9da056e-666f6451fee6a828-00 x-timer S1646719241.386000,VS0,VE1 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Sun, 05 Mar 2023 17:52:49 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id e7d6452b-9be3-11ec-9ef3-8a10d23a32ca x-cache-hits 1, 1
GET H2	200	charity-watch-top-rated.svg support.crs.org/themes/crs/images/	7 KB 3 KB	467ms 466ms	Image image/svg+xml	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://support.crs.org/themes/crs/images/charity-watch-top-rated.svg Requested by Host: support.crs.org URL: https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash ad416536782ba3d56f7b674cdfe6a4c3487056a49030d94a027e8b1c28c9b6c1 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"62258566-1aee" age 79529 x-pantheon-styx-hostname styx-fe2-b-f66bf767-lwlpw x-cache HIT, HIT x-cloud-trace-context c07bbd3853344d45a21874cc616749c9/6622129108139483160;o=0 content-length 3087 x-served-by cache-mdw17326-MDW, cache-maa10224-MAA access-control-allow-origin * last-modified Mon, 07 Mar 2022 04:09:10 GMT server nginx traceparent 00-c07bbd3853344d45a21874cc616749c9-5be687569b6da018-00 x-timer S1646719241.386051,VS0,VE1 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Wed, 08 Mar 2023 07:55:12 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id eb15fc74-9deb-11ec-838b-0e58a11f3eb3 x-cache-hits 1, 1
GET H2	200	rose-window.svg support.crs.org/themes/crs/images/	37 KB 15 KB	467ms 466ms	Image image/svg+xml	2620:12a:8001::2 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://support.crs.org/themes/crs/images/rose-window.svg Requested by Host: support.crs.org URL: https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:12a:8001::2 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 633e02a635d31204064b2143784dcc753d26b07c877dd836b3bc8fd8ee13f8d0 Security Headers Name Value Strict-Transport-Security max-age=300 Request headers Accept-Language de-DE,de;q=0.9 Referer https://support.crs.org/sites/default/files/css/css_QB-KeGn9By9E6QopNuh_MaHaIm7CjxiYBQ-nlohe1jA.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=300 content-encoding gzip etag W/"621f979d-94d9" age 302872 x-pantheon-styx-hostname styx-fe2-b-f66bf767-lwlpw x-cache HIT, HIT x-cloud-trace-context 45e803b316fd4311b3b752c5fc612f54/17815991409293387176;o=0 content-length 15326 x-served-by cache-mdw17335-MDW, cache-maa10224-MAA access-control-allow-origin * last-modified Wed, 02 Mar 2022 16:13:17 GMT server nginx traceparent 00-45e803b316fd4311b3b752c5fc612f54-f73f1dcb2857e5a8-00 x-timer S1646719241.386118,VS0,VE1 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type image/svg+xml via 1.1 varnish, 1.1 varnish expires Sun, 05 Mar 2023 17:52:48 GMT cache-control max-age=31622400 accept-ranges bytes x-styx-req-id e7ae43d6-9be3-11ec-838b-0e58a11f3eb3 x-cache-hits 1, 1
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-N462KH Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Tue, 02 Nov 2021 17:39:06 GMT server Golfe2 age 6949 date Tue, 08 Mar 2022 04:04:52 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 08 Mar 2022 06:04:52 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 443 B	148ms 19ms	XHR text/plain	2a00:1450:400c:c07::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-4721583-36&cid=2063723856.1646719241&jid=1704758429&gjid=537543487&_gid=1908938351.1646719241&_u=YGBAgAABAAAAAE~&z=1722019910 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://help-fund-ukraine.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 08 Mar 2022 06:00:41 GMT content-type text/plain access-control-allow-origin https://help-fund-ukraine.org cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	7ms 6ms	Image image/gif	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j96&a=1511291553&t=pageview&_s=1&dl=https%3A%2F%2Fhelp-fund-ukraine.org%2F&ul=en-us&de=UTF-8&dt=Urgent%20Need%20in%20Ukraine%20%7C%20Humanitarian%20Relief%20Services&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1704758429&gjid=537543487&cid=2063723856.1646719241&tid=UA-4721583-36&_gid=1908938351.1646719241&gtm=2wg370N462KH&z=594645011 Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 08 Mar 2022 02:03:15 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 14246 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	nr-1215.min.js Show response js-agent.newrelic.com/	36 KB 14 KB	22ms 6ms	Script application/javascript	151.101.2.137 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-1215.min.js Requested by Host: help-fund-ukraine.org URL: https://help-fund-ukraine.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.2.137 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-amz-version-id mrZZlI3m.d3cabi4HqLBBkr4pQ2c77UF content-encoding gzip etag "615035bb6557b191e767e19087efabaf" x-amz-request-id ZV6VX3QJJ1XK509D x-cache HIT cross-origin-resource-policy cross-origin content-length 13666 x-amz-id-2 aVD625VnN7ZdBb5sf1fW+X3O3FSmBUTwv5zgDbu4nASS/dNwkwL7eursg4duegd7/9aKOeJdVs8= x-served-by cache-hhn4071-HHN last-modified Mon, 24 Jan 2022 22:13:53 GMT server AmazonS3 x-timer S1646719242.993571,VS0,VE0 date Tue, 08 Mar 2022 06:00:41 GMT vary Accept-Encoding content-type application/javascript via 1.1 varnish cache-control public, max-age=7200, stale-if-error=604800 accept-ranges bytes x-cache-hits 2935
GET H/1.1	200 OK	fabee458eb Show response bam.nr-data.net/1/	57 B 322 B	436ms 109ms	Script text/javascript	162.247.242.20 NEWRELIC-AS-1
General Check archive.org Show headers Download Go to Full URL https://bam.nr-data.net/1/fabee458eb?a=86471129&v=1215.1253ab8&to=ZF1QNhEHC0dZWkFaCV0XcwEXDwpaF0lUVANsW1MBCwM%3D&rst=2616&ck=1&ref=https://help-fund-ukraine.org/&ap=20&be=663&fe=2585&dc=2286&perf=%7B%22timing%22:%7B%22of%22:1646719239390,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:36,%22c%22:36,%22s%22:187,%22ce%22:342,%22rq%22:342,%22rp%22:641,%22rpe%22:642,%22dl%22:644,%22di%22:2285,%22ds%22:2285,%22de%22:2287,%22dc%22:2584,%22l%22:2584,%22le%22:2585%7D,%22navigation%22:%7B%7D%7D&fp=1749&fcp=1749&at=SBpTQFkdGEk%3D&jsonp=NREUM.setToken Requested by Host: js-agent.newrelic.com URL: https://js-agent.newrelic.com/nr-1215.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US), Reverse DNS bam-8.nr-data.net Software / Resource Hash f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23 Request headers Accept-Language de-DE,de;q=0.9 Referer https://help-fund-ukraine.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Cross-Origin-Resource-Policy cross-origin Content-Type text/javascript;charset=iso-8859-1 Content-Length 57 Expires Thu, 01 Jan 1970 00:00:00 GMT

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored object| NREUM object| newrelic function| __nr_require function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| dataLayer function| $ function| jQuery object| Backbone function| _jqjsp object| atLayer object| _gaq object| user object| nvtag_plugins object| lightcase function| ukrainePostRender object| nvtag_callbacks object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData undefined| paymentTypeCapture function| myPostRender

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.help-fund-ukraine.org/	1970-01-20 18:56:31	Name: _ga Value: GA1.2.2063723856.1646719241
			.help-fund-ukraine.org/	1970-01-20 01:26:45	Name: _gid Value: GA1.2.1908938351.1646719241
			.help-fund-ukraine.org/	1970-01-20 01:25:19	Name: _dc_gtm_UA-4721583-36 Value: 1
			.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 780fcc55bd13c4bb

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://help-fund-ukraine.org/sites/default/files/google_tag/primary/google_tag.script.js?r7tuc2 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://cloud.typography.com/7240754/7940372/css/fonts.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
bam.nr-data.net
cheapsslsecurity.com
cloud.typography.com
d1aqhv4sn5kxtx.cloudfront.net
help-fund-ukraine.org
js-agent.newrelic.com
profile.ngpvan.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
support.crs.org
upload.wikimedia.org
www.crs.org
www.google-analytics.com
www.googletagmanager.com
www.wvi.org
104.111.232.231
104.22.75.85
107.21.104.61
108.138.24.196
151.101.2.137
162.247.242.20
198.54.114.155
2606:4700:10::ac43:170
2606:4700::6812:acf
2620:0:862:ed1a::2:b
2620:12a:8001::2
2a00:1450:4001:803::200e
2a00:1450:4001:810::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9b
45.60.33.183
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05ef239e521579561d6a59430738d43c4743e1c03fb250fc4a03866711b3e9c1
15a918896b0d7695265fa5f1fa3d6432d85be1ebc64d4a1d8c86cedaa5d3e115
18395fd1ef75de4f03f701f5a5020563aed55e1539b3200605053f2c924211bb
34959e43e6ecf368807a84f92ad9aa6e2dcd5f0c5c1e57da55e8f3248d9d9255
3c504ef2e6e80fbec935e3c38c0dddcfaa41c80f3001a740bb36093df0ff36d8
401f8a7869fd072f44e90a2936e87f31a1da226ec28f1898050fa796885ed630
4870bae057c798d3f0f01dda825755b0ee09febb105bb778e2962e9111bf223d
5295cbde8cf5711762ee17cb8bf4ae535cc8c8b87da029038ce272bd6eed62ec
5354ba92677c138eef4e3febf3612ecdfc7b47906845a747d39b97f3c5e320e8
633e02a635d31204064b2143784dcc753d26b07c877dd836b3bc8fd8ee13f8d0
648c6ceba8cf5314e681a036a3e4262d92d969044b42c5bf14c7fd4a110c7bfa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f28d8bdbd636a3987ab414a2bca1a74a5b9374507dc01bc2ca2f00f867450ba
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874edd5f4bde7c59b6be5897835f32740990d2af389d4ded57922556ea10f8e6
8de49af428a02a2743a243bec44bbe2f6ae81c3beec6e320aae3b0ac7cd980a7
996d99530217484273c7ad77a34cad8cd2ffe5355e8633d0ef82559e7cb03300
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a371c45c4513640f275ef8438e603b57949d43c9bb2940ced4efddce9f777e36
a467077742fb51f1474737384fd036ebca4c1fef44fd2424bf2671f9aaac0aaa
ad416536782ba3d56f7b674cdfe6a4c3487056a49030d94a027e8b1c28c9b6c1
d3ab3899f7bf9e9e2b0865c22d74a84fdf08b73c011d45bc264639d740431d0c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f66f3eb40dc841ff138652d06134d9532130782bf247dd3c4e0d1709b29839f6
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23