secure.joebiden.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://act.joebiden.com/BVFraiser?attr=100839588
Effective URL:
https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Submission: On September 25 via api (September 25th 2020, 7:03:48 am UTC) from DE

Summary HTTP 58 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 18 IPs in 6 countries across 15 domains to perform 58 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.joebiden.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on May 11th 2020. Valid for: a year.

This is the only time secure.joebiden.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.204.215.87 143.204.215.87	16509 (AMAZON-02) (AMAZON-02)
14	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
9	2600:9000:206... 2600:9000:206e:0:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
5	2a01:4a0:1338... 2a01:4a0:1338:28::c38a:ff0b	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
4	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	143.204.215.76 143.204.215.76	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:5a4::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE)
1	99.86.245.122 99.86.245.122	16509 (AMAZON-02) (AMAZON-02)
2	13.69.66.140 13.69.66.140	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	40.114.13.25 40.114.13.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
58	18

1 143.204.215.87 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-87.fra53.r.cloudfront.net

act.joebiden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

secure.joebiden.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:206e:0:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4a0:1338:28::c38a:ff0b (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.76 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-76.fra53.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:5a4::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.245.122 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-245-122.vie50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.66.140 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

forms-prod.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	456 KB
9	google-analytics.com www.google-analytics.com	19 KB
7	ngpvan.com profile.ngpvan.com secure.ngpvan.com fastaction.ngpvan.com actions.ngpvan.com	16 KB
6	typekit.net use.typekit.net p.typekit.net	100 KB
6	joebiden.com 1 redirects act.joebiden.com secure.joebiden.com	27 KB
4	windows.net nvlupin.blob.core.windows.net	22 KB
3	verygoodvault.com js.verygoodvault.com	24 KB
2	doubleclick.net stats.g.doubleclick.net	517 B
2	everyaction.com actions.everyaction.com secure.everyaction.com	3 KB
2	visualstudio.com dc.services.visualstudio.com	236 B
2	twitter.com platform.twitter.com	29 KB
2	facebook.net connect.facebook.net	64 KB
2	googletagmanager.com www.googletagmanager.com	66 KB
1	azurewebsites.net forms-prod.azurewebsites.net	882 B
1	msecnd.net az416426.vo.msecnd.net	37 KB
58	15

	Domain	Requested by
9	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
9	d3rse9xjbp8270.cloudfront.net	secure.joebiden.com d3rse9xjbp8270.cloudfront.net www.googletagmanager.com
5	use.typekit.net	secure.joebiden.com use.typekit.net
5	secure.joebiden.com	secure.joebiden.com az416426.vo.msecnd.net
4	nvlupin.blob.core.windows.net	secure.joebiden.com nvlupin.blob.core.windows.net
3	secure.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
3	js.verygoodvault.com	secure.joebiden.com js.verygoodvault.com
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
2	platform.twitter.com	secure.joebiden.com platform.twitter.com
2	connect.facebook.net	secure.joebiden.com connect.facebook.net
2	www.googletagmanager.com	secure.joebiden.com d3rse9xjbp8270.cloudfront.net
1	secure.everyaction.com	az416426.vo.msecnd.net
1	actions.ngpvan.com	az416426.vo.msecnd.net
1	actions.everyaction.com	az416426.vo.msecnd.net
1	forms-prod.azurewebsites.net	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com
1	az416426.vo.msecnd.net	secure.joebiden.com
1	p.typekit.net	use.typekit.net
1	act.joebiden.com	1 redirects
58	22

This site contains links to these domains. Also see Links.

Domain
www.joebiden.com
fastaction.ngpvan.com
joebiden.com
democrats.org
www.ngpvan.com

Subject Issuer	Validity	Valid
clusteroa-khkpu.ngpvanapp.com SSL.com RSA SSL subCA	`2020-05-11` - `2021-08-08`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 5	`2020-07-27` - `2022-07-27`	2 years	crt.sh
*.verygoodvault.com Amazon	`2020-04-17` - `2021-05-17`	a year	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.ngpvan.com RapidSSL RSA CA 2018	`2018-02-08` - `2021-02-07`	3 years	crt.sh
in.applicationinsights.azure.com Microsoft IT TLS CA 4	`2020-04-30` - `2022-04-30`	2 years	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 5	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.everyaction.com RapidSSL TLS RSA CA G1	`2020-05-28` - `2022-05-28`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Frame ID: B91AF3779CD2CB0EED4DD768859998CA
Requests: 56 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fsecure.joebiden.com
Frame ID: 871F906AC4895B352637237E82C12A0B
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId25032550419936857833&formId=randomId25042478337185454595&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: 193068AC922BC9AC9F2B1CA9EF7C17B4
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2507092832267146634&formId=randomId25042478337185454595&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: 9F0F2DF2B4B3130F1609E79BB26C670A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://act.joebiden.com/BVFraiser?attr=100839588 HTTP 302
https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588 Page URL

Page Statistics

58
Requests

100 %
HTTPS

61 %
IPv6

15
Domains

22
Subdomains

18
IPs

6
Countries

863 kB
Transfer

2398 kB
Size

8
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://www.joebiden.com/

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://joebiden.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://joebiden.com/terms/
Title: Terms and Conditions (BFP)

Search URL Search Domain Scan URL

URL: https://democrats.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://democrats.org/terms-of-service/
Title: Terms of Services (DNC)

Search URL Search Domain Scan URL

URL: https://www.ngpvan.com/
Title: NGP VAN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://act.joebiden.com/BVFraiser?attr=100839588 HTTP 302
https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

58 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set K3W1hrzem0S9ecZxawBI4g2 Show response
secure.joebiden.com/onlineactions/
Redirect Chain

https://act.joebiden.com/BVFraiser?attr=100839588
https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

11 KB
6 KB

549ms
440ms

Document
text/html

45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

1b01421c3d3f5daeecbbf3e62fb7e0a8d7ad1d5e7af085a0328992a7c7fae9ba

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secure.joebiden.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Fri, 25 Sep 2020 07:03:30 GMT
Set-Cookie: visid_incap_1983876=bvHLVfKwSZiS33lUYnuDB0GWbV8AAAAAQUIPAAAAAAC0y1wazOsWDqwhsuVyZa+L; expires=Fri, 24 Sep 2021 12:15:41 GMT; HttpOnly; path=/; Domain=.joebiden.com nlbi_1983876=gQe3HoX51UbXut9tbNEK1QAAAABCh2LEmse58VVS79RUTac3; path=/; Domain=.joebiden.com incap_ses_246_1983876=pmb4U4t2iSlF/aap0PdpA0KWbV8AAAAA56phdCImJ5F26bO7n8wbBQ==; path=/; Domain=.joebiden.com ___utmvmSVuIvopB=JYYrSWnMhAG; path=/; Max-Age=900 ___utmvaSVuIvopB=HSmMQrw; path=/; Max-Age=900 ___utmvbSVuIvopB=zZq XpiOsaln: OtV; path=/; Max-Age=900 TiPMix=8.65141894139881; path=/; HttpOnly; Domain=secure.joebiden.com; Max-Age=3600; SameSite=None; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.joebiden.com; Max-Age=3600; SameSite=None; Secure ; Secure; SameSite=None; Secure
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 7-53833543-53833544 NNNN CT(96 182 0) RT(1601017409754 34) q(0 0 3 0) r(4 4) U12

Redirect headers

status: 302
content-type: text/html; charset=ISO-8859-1
content-length: 175
location: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
date: Fri, 25 Sep 2020 07:03:29 GMT
server: Apache
vary: X-BSD-Chapter
x-cache: Miss from cloudfront
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: qfkt3JRwUm1RK9s0EYfd80InMH0G7Df6I5CHFk-P6zu5ikYAzEa5Qg==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 810 KB
229 KB 72ms
23ms Script
application/javascript 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c25d6f367de53359a0f5c0762446ddfab8670d89e91a8838444801a5dba99276

Request headers

Origin: https://secure.joebiden.com
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 24 Sep 2020 13:16:40 GMT
content-encoding: gzip
age: 64011
x-cache: Hit from cloudfront
status: 200
content-length: 234175
access-control-allow-origin: *
last-modified: Wed, 26 Aug 2020 20:44:52 GMT
server: AmazonS3
etag: "1ddaa75f32381c276772f352ccc9be73"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: rlo1BMpDzbpv9Ctfbg_R1FYcTZX86Wy2PZ0dENZKEQxNSUvcaNzBtg==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 73ms
24ms Stylesheet
text/css 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50114121088bef28d7999dd67bd4391c3aadf5e9a31988e2c388ebe75f6abeb0

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 05:25:04 GMT
content-encoding: gzip
age: 5907
x-cache: Hit from cloudfront
status: 200
content-length: 20576
access-control-allow-origin: *
last-modified: Wed, 26 Aug 2020 20:44:52 GMT
server: AmazonS3
etag: "39411f7a5010f12f4385d206adbfff70"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: GCoyll6_hcNHc-jakC9LhROo_00uvIavMzEF_-CoYystbzC3WNi_6A==

GET
H2 200 gsw4use.css
use.typekit.net/ 4 KB
995 B 155ms
144ms Stylesheet
text/css 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/gsw4use.css

Requested by

Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),

Reverse DNS

Software

nginx /

Resource Hash

80d9c2a8983313423529c5d608471b00760cb73c14fe1fe73dcdae7cc7f2b2de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
status: 200
date: Fri, 25 Sep 2020 07:03:30 GMT
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 795

GET
H/1.1 200
OK bvf-theme-styles.css
nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/bvf/ 14 KB
14 KB 549ms
127ms Stylesheet
text/css 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/bvf/bvf-theme-styles.css
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 7ca8a82d8f5b39340f3c4e882031ef939f58a0edc22b45802ac60b4df69b51a3

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 25 Sep 2020 07:03:30 GMT
Last-Modified: Wed, 22 Jul 2020 15:30:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D82E542369E176
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 0aafb065-801e-00ea-2309-93eef9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 14277

GET
H/1.1 200
OK script-error Show response
secure.joebiden.com/js/ 246 B
1 KB 131ms
130ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.joebiden.com/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1

Requested by

Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Iinfo: 7-53833543-53833544 SNNN RT(1601017409754 486) q(0 0 0 -1) r(1 1) U4
Content-Length: 274
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Last-Modified: Fri, 25 Sep 2020 07:03:30 GMT
X-Frame-Options: SAMEORIGIN
Date: Fri, 25 Sep 2020 07:03:30 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: Sat, 25 Sep 2021 07:03:30 GMT

GET
H/1.1 200
OK bvf-logo-white.svg
nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/bvf/ 4 KB
4 KB 338ms
124ms Image
image/svg+xml 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/bvf/bvf-logo-white.svg
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 45de66fc12f36cbd296f8cc2b8ea36e78ad88d5226a6d04c9ddde1f59ab0a84a

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 25 Sep 2020 07:03:30 GMT
Last-Modified: Sat, 16 May 2020 01:55:26 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7F93C34225CDA
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 0aafb099-801e-00ea-5509-93eef9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 3945

GET
H/1.1 200
OK ngpvan-logo-mark.svg
nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/ 2 KB
2 KB 301ms
149ms Image
image/svg+xml 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/ngpvan-logo-mark.svg
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3cbad3e42141ac8c6c14eeec5fbfb57c6ac109f47f3d95327a446ef24b675b6a

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 25 Sep 2020 07:03:30 GMT
Last-Modified: Sat, 16 May 2020 01:56:15 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7F93C511ADF5A
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 0aafb0f4-801e-00ea-2c09-93eef9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1577

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 134ms
39ms Script
application/javascript 143.204.215.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-76.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Origin: https://secure.joebiden.com
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding: gzip
ETag: "f3cecf4193fb217244937c56bee4b1b6"
X-Amz-Cf-Pop: FRA53-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:03:51 GMT
Server: AmazonS3
Date: Fri, 25 Sep 2020 07:03:31 GMT
Vary: Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
X-Amz-Cf-Id: RDN7erL8p5EBYa-Ksx_sPiunH4PIVtbvVvXmEC3c6Vu3mgrksHRmIg==

GET
H/1.1 200
OK _Incapsula_Resource Show response
secure.joebiden.com/ 126 KB
18 KB 42ms
41ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.joebiden.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1127132253
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 2775a7159d5429349686f9b3b52ee2ebab8c197a8607100bca18f985e2bee49d

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 18339
Content-Type: application/javascript

GET
H2 200 p.css
p.typekit.net/ 5 B
149 B 34ms
9ms Stylesheet
text/css 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=gsw4use&ht=tk&f=35363.35364.35369.35370.35372.35374&a=354392&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsw4use.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/gsw4use.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:31 GMT
last-modified: Wed, 24 Jun 2020 23:30:16 GMT
server: nginx
etag: "5ef3e208-5"
status: 200
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
34 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8f10dfce3195a8c561f8a964f45a16c2641a52dc3ac7075989b48014c12ebec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:31 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35122
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 07:03:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

19f500ec1f3199b08c02e222e2a49b0eca8deec658476e62f4924dcf28c471da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SMljo6b09Z8iS2hA1HVFKg==
status: 200
cross-origin-resource-policy: cross-origin
expires: Fri, 25 Sep 2020 07:10:09 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
etag: "0395d708bcb3a9452f0d219e6905700e"
x-fb-debug: memqetQMiMeUxp9D1Ys3MpLUXu1isRlxI4nvbjpNlQTBX3e3HthqzFP84VgTovOtymHD/Olwc04PPRjJwHZ/0Q==
x-fb-trip-id: 2050670934
x-fb-content-md5: b0686ff56bafa479dc078e74197b0479
date: Fri, 25 Sep 2020 07:03:31 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 9ms
8ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4192) /
Resource Hash: a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 07:03:31 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 20:40:54 GMT
Server: ECS (fcn/4192)
Age: 164
Etag: "a58136137a93f33c1d165df7d4d973f8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28881

GET
H2 200 l
use.typekit.net/af/5d27c7/00000000000000003b9b32e5/27/ 24 KB
24 KB 27ms
14ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d27c7/00000000000000003b9b32e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsw4use.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: d8ffe5088bf3bc6a8525456c014a33472708a141e3d450f81d7ec45818be963f

Request headers

Origin: https://secure.joebiden.com
Referer: https://use.typekit.net/gsw4use.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:31 GMT
server: nginx
etag: "1770f29b31506bb18fb30550a9edb3e64f143f07"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24716

GET
H2 200 l
use.typekit.net/af/bb3a8a/00000000000000003b9b32df/27/ 25 KB
25 KB 54ms
53ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bb3a8a/00000000000000003b9b32df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsw4use.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: f974a46889986a4e3c083130d196c0497b0b67769ef0ade6528eb70b0267554e

Request headers

Origin: https://secure.joebiden.com
Referer: https://use.typekit.net/gsw4use.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:31 GMT
server: nginx
etag: "50716d325a97719548adc665bbdc904c43c0458a"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 25184

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 123 KB
37 KB 52ms
8ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5B) /
Resource Hash: 0061053848f04ed531336574ed591c136cf8f424b5d68914b2a407a289412eea

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Sep 2020 07:03:31 GMT
content-encoding: gzip
content-md5: I8onfuSNSNOwC9VQnISPaw==
age: 1698
x-cache: HIT
status: 200
x-ms-meta-aijssdksrc: [scripts]/b/ai.2.5.8.min.js
content-length: 37448
x-ms-lease-status: unlocked
last-modified: Tue, 01 Sep 2020 17:28:03 GMT
server: ECAcc (frc/8F5B)
x-ms-meta-aijssdkver: 2.5.8
etag: 0x8D84E9C618CCA5A
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 6c86fc6e-d01e-00fa-5e06-932d03000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19
expires: Fri, 25 Sep 2020 07:33:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 201 KB
61 KB 39ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=d22978fa98cda167e544244f6fbf2db3&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

482b824e22e980fde1d49d8b8dd6643eaf9bc7329fe3c40dd446a14586fdb35d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://secure.joebiden.com
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: GkyIohAyLFjwg6hLJ75tHw==
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 62342
etag: "2f8ca4909cf0aa8a64a374ef430564d1"
x-fb-debug: flkPZa8wUr0xF2bjKiNdC0TjU8D514HYa6V8EVOaqjG5Gf7EM1Z+DuhOra/173rNnbv0N3pbWIM38j+7/z+A0A==
x-fb-trip-id: 1460883810
x-fb-content-md5: c2154fea39b4f227f662dd3f080e3eb6
x-frame-options: DENY
date: Fri, 25 Sep 2020 07:03:31 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Sat, 25 Sep 2021 03:45:04 GMT

GET
H/1.1 200
OK _Incapsula_Resource
secure.joebiden.com/ 1 B
123 B 33ms
32ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.joebiden.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2986972593770494
Requested by: Host: secure.joebiden.com
URL: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 871F 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fsecure.joebiden.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 810148
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 25 Sep 2020 07:03:31 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 01 Sep 2020 17:58:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/418E)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H/1.1 200
OK identity Show response
profile.ngpvan.com/ 72 B
1 KB 456ms
135ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

a6f69dbeaa11b7e2e659ceab61c5e6f1f2bdc3578f3e20278e64d2400ead3e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 07:03:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
X-Iinfo: 5-94094758-94094600 2NNN RT(1601017411326 32) q(0 0 0 -1) r(1 1) U1
X-CDN: Incapsula
Content-Type: text/javascript; charset=utf-8
Content-Length: 194
ETag: W/"48-1H+2PWgk5Hao1jr1QT2kNR5eIqg"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 91 KB
32 KB 60ms
43ms Script
application/javascript 2a00:1450:4001:81a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

399b74d5c490c525fe70cdc083fb3cd31f399c64829f652f8594bbbc3993ab4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:31 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32201
x-xss-protection: 0
last-modified: Fri, 25 Sep 2020 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Sep 2020 07:03:31 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 92 KB
16 KB 46ms
45ms Stylesheet
text/css 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de9083ecbf1ac324dc8431bced7a2897aba0582b4e1cb56c3719aead4def3a80

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 05:14:59 GMT
content-encoding: gzip
age: 6513
x-cache: Hit from cloudfront
status: 200
content-length: 15885
access-control-allow-origin: *
last-modified: Wed, 26 Aug 2020 20:44:52 GMT
server: AmazonS3
etag: "91ae3c75a221e55d5cca8cff5b9a1b8c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: YdLOV4twNgCn6sOGrfYHguVMK0gIubPYBYzrQ38a9BQfjuzQOtZAWg==

GET
H/1.1 200
OK K3W1hrzem0S9ecZxawBI4g2 Show response
secure.ngpvan.com/v1/Forms/ 19 KB
8 KB 551ms
437ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/v1/Forms/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

98e6881447e0e7829ebc22121a935f7654b29447bb2e5b8f3fd47b906e440cb2

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 8-20951104-20951109 NNNN CT(88 180 0) RT(1601017411238 47) q(0 0 3 0) r(4 4) U2
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Fri, 25 Sep 2020 07:03:32 GMT
Date: Fri, 25 Sep 2020 07:03:31 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.joebiden.com
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
ETag: "df66fc47-7903-4165-9771-3c3ac84e151e"
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: -1

GET
H/1.1 200
OK sweetspot.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 8 KB
9 KB 144ms
45ms Script
application/x-javascript 99.86.245.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.245.122 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-245-122.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 24 Sep 2020 10:30:24 GMT
Via: 1.1 6efe5b6e0a48bab07dc8cc99f7fb58ff.cloudfront.net (CloudFront)
Age: 73988
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8149
Last-Modified: Tue, 06 Aug 2019 21:06:41 GMT
Server: AmazonS3
ETag: "37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: -1EypZjr9TuJYoW8chawjxy2ivdSlpBzxdPW1KNqWQ3G9J9ulRs7iQ==

GET
H/1.1 200
OK nvtag Show response
profile.ngpvan.com/v2/data/DR6_v3ztK6eB7DKNnlCDYVgK/ 2 B
1 KB 465ms
400ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/DR6_v3ztK6eB7DKNnlCDYVgK/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 25 Sep 2020 07:03:31 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.joebiden.com
X-Iinfo: 13-150967248-150967256 NNNN CT(89 180 0) RT(1601017411530 34) q(0 0 3 -1) r(4 4) U12
Access-Control-Allow-Credentials: true
Content-Length: 123
X-CDN: Incapsula
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 135ms
35ms Other 13.69.66.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.66.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://secure.joebiden.com
Sec-Fetch-Mode: cors

Response headers

status: 200
access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Fri, 25 Sep 2020 07:03:31 GMT
content-length: 0

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
236 B 465ms
465ms XHR
application/json 13.69.66.140
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.66.140 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

10163790c78b3eb4816880a34f31c3c8fca656e31d321a57719e4e463c8cb0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 8B2AAB87-6B77-4EE4-A01B-89DF4FB1238C
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
status: 200
date: Fri, 25 Sep 2020 07:03:32 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 6472
date: Fri, 25 Sep 2020 05:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Fri, 25 Sep 2020 07:15:40 GMT

GET
H/1.1 200
OK identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
2 KB 737ms
423ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1601017412319=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

6b6f5caee86e91d858b7420da1627088ba29260fce89a6ba67681967a230e894

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Powered-By: Express
Transfer-Encoding: chunked
P3p: CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo: 1-13996162-13996164 NNYN CT(88 189 0) RT(1601017412046 37) q(0 0 3 0) r(4 4) U18
Date: Fri, 25 Sep 2020 07:03:32 GMT
Connection: keep-alive
Content-Encoding: gzip
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server: Cowboy
Etag: W/"ba-qxBPbXubIS4D6+bgY9JIlc9svLA"
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0

GET
H2 200 gtmtools.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 4 KB
1 KB 18ms
18ms Script
application/javascript 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/gtmtools.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 688816a43741acb40cfba1d451d322792a82a7504c38d04a64deed74601e9286

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 07:44:06 GMT
content-encoding: gzip
age: 1466367
x-cache: Hit from cloudfront
status: 200
content-length: 1043
access-control-allow-origin: *
last-modified: Thu, 06 Aug 2020 12:35:19 GMT
server: AmazonS3
etag: "20a86d839c3205f16073344b8e5a2bc6"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: zc2lqP4XxjC6sdpDINWh3uSsChwKC7l4KIIWtDY7Okd3RQ-bttF0lA==

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 18ms
18ms Font
application/font-woff2 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Origin: https://secure.joebiden.com
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 05:49:07 GMT
via: 1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
age: 4466
x-cache: Hit from cloudfront
status: 200
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: 7-9u1GYcXFYdlAPMczvNpHlwQmy3U2w-NNCH-JIisN7LDIUQJWPoeQ==

GET
H2 200 l
use.typekit.net/af/0e2446/00000000000000003b9b32e6/27/ 24 KB
25 KB 12ms
11ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/0e2446/00000000000000003b9b32e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsw4use.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 0fec46fd1ff97473c5d2a1c0975702d1dac394ad6f052ad108caa5b82910b5c6

Request headers

Origin: https://secure.joebiden.com
Referer: https://use.typekit.net/gsw4use.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:32 GMT
server: nginx
etag: "a561d0ecb3fd10c0922a6b0ee4f4b38378be18f6"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 24920

GET
H/1.1 200
OK check-mark.svg
nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/ 428 B
999 B 128ms
124ms Image
image/svg+xml 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/check-mark.svg
Requested by: Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/bvf/bvf-theme-styles.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1081787d4e0206045f2e92f3762067c5b8cd02a926e736a09f52795a5c38d1b4

Request headers

Referer: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP17/1/73229/images/themes/bvf/bvf-theme-styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Fri, 25 Sep 2020 07:03:31 GMT
Last-Modified: Sat, 16 May 2020 01:51:43 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D7F93BAF6755CC
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: 0aafb313-801e-00ea-2f09-93eef9000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 428

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 229 KB
52 KB 25ms
24ms Script
application/javascript 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 14 Dec 2019 01:45:31 GMT
content-encoding: gzip
age: 24729482
x-cache: Hit from cloudfront
status: 200
content-length: 52457
access-control-allow-origin: *
last-modified: Thu, 03 Oct 2019 17:12:46 GMT
server: AmazonS3
etag: "0e171f16b707862d9a5a9168f0edc967"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: r4X6GnTZBLMH8bVwFEDRS2B5LGJ9HnmJB8EE9r9E53IP4DQvb95Kdw==

GET
H2 200 flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 20 KB
20 KB 20ms
20ms Image
image/png 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 05 Sep 2020 08:10:11 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
age: 1724002
x-cache: Hit from cloudfront
status: 200
content-length: 20389
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: FqhnJ7ookHQqhaK-kQuo8BbnJyHD4nK1iEY4Z0TPMJbkY4zM8UL8-w==

GET
H2 200 cc.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 3 KB
4 KB 19ms
18ms Image
image/png 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/cc.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 18 Sep 2020 11:51:58 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
age: 587495
x-cache: Hit from cloudfront
status: 200
content-length: 3392
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: wgPrKaZFJQX1YyEkfVRaxCBHIsbxGEBPzDOhuUagykQuUq34oLl5TQ==

GET
H2 200 l
use.typekit.net/af/96a85b/00000000000000003b9b32de/27/ 25 KB
25 KB 19ms
14ms Font
application/font-woff2 2a01:4a0:1338:28::c38a:ff0b
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/96a85b/00000000000000003b9b32de/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/gsw4use.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a01:4a0:1338:28::c38a:ff0b , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 8d4ecfe5c5c9aa6208f6ba9c540dfa88ef66bfe05e033997959b1227000c226a

Request headers

Origin: https://secure.joebiden.com
Referer: https://use.typekit.net/gsw4use.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 07:03:32 GMT
server: nginx
etag: "86304efcb868db3a852a6b3e1a348e17ef7e6fc5"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 25236

GET
H/1.1 200
OK K3W1hrzem0S9ecZxawBI4g2
secure.ngpvan.com/v1/Track/ 0
906 B 135ms
135ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.ngpvan.com/v1/Track/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Fri, 25 Sep 2020 07:03:32 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 8-20951104-20951109 SNNN RT(1601017411238 1196) q(0 0 0 0) r(1 1) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/ 9 KB
9 KB 18ms
18ms Image
image/svg+xml 2600:9000:206e:0:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206e:0:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 25 Sep 2020 05:49:07 GMT
via: 1.1 488e01d34d3fb7f21dfcaccec82f530f.cloudfront.net (CloudFront)
age: 4466
x-cache: Hit from cloudfront
status: 200
content-length: 9203
last-modified: Wed, 08 Jan 2020 18:06:45 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: VIE50-C1
accept-ranges: bytes
x-amz-cf-id: lamOVvl7zQ9Z0gi0uQI5iOWAy7X5eDRr46YG3BcBUfa2ZN0C3ye63A==

GET
H/1.1 204
No Content DR6_v3ztK6eB7DKNnlCDYVgK Show response
forms-prod.azurewebsites.net/Databag/Profile/ 0
882 B 551ms
129ms XHR
text/plain 40.114.13.25
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-prod.azurewebsites.net/Databag/Profile/DR6_v3ztK6eB7DKNnlCDYVgK

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 25 Sep 2020 07:03:33 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.joebiden.com
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content DR6_v3ztK6eB7DKNnlCDYVgK Show response
actions.everyaction.com/Databag/Profile/ 0
1 KB 242ms
153ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/Databag/Profile/DR6_v3ztK6eB7DKNnlCDYVgK

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Fri, 25 Sep 2020 07:03:33 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.joebiden.com
X-Iinfo: 14-184414266-184414273 NNNY CT(0 0 0) RT(1601017412564 33) q(0 0 0 0) r(2 2) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content DR6_v3ztK6eB7DKNnlCDYVgK Show response
actions.ngpvan.com/Databag/Profile/ 0
1 KB 487ms
402ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.ngpvan.com/Databag/Profile/DR6_v3ztK6eB7DKNnlCDYVgK

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Fri, 25 Sep 2020 07:03:32 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.joebiden.com
X-Iinfo: 11-92294199-92294207 NNNN CT(88 182 0) RT(1601017412556 38) q(0 0 3 -1) r(4 4) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content DR6_v3ztK6eB7DKNnlCDYVgK Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 504ms
419ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/DR6_v3ztK6eB7DKNnlCDYVgK

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Fri, 25 Sep 2020 07:03:32 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.joebiden.com
X-Iinfo: 14-184414258-184414271 NNNN CT(87 199 0) RT(1601017412553 41) q(0 0 3 0) r(4 4) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content DR6_v3ztK6eB7DKNnlCDYVgK Show response
secure.ngpvan.com/Databag/Profile/ 0
1 KB 238ms
173ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/DR6_v3ztK6eB7DKNnlCDYVgK

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Fri, 25 Sep 2020 07:03:32 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.joebiden.com
X-Iinfo: 8-20951104-20951109 SNNN RT(1601017411238 1337) q(0 0 0 0) r(2 2) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content DR6_v3ztK6eB7DKNnlCDYVgK Show response
secure.joebiden.com/Databag/Profile/ 0
800 B 146ms
145ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.joebiden.com/Databag/Profile/DR6_v3ztK6eB7DKNnlCDYVgK

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Request-Id: |72e1903748a34d0fb991bc6f468079dc.e03fa311150b4c96
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Fri, 25 Sep 2020 07:03:32 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 7-53833543-53833544 SNNN RT(1601017409754 2759) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame 1930 0
0 106ms
32ms Document
text/html 143.204.215.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId25032550419936857833&formId=randomId25042478337185454595&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-76.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
Date: Fri, 25 Sep 2020 06:04:48 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache: Hit from cloudfront
Via: 1.1 8b5bc0831e6dab612582614c3009efa7.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: Alv2mFODLl1-b7mc0GVfAp1EmY792Kxo_yU-ZXnCcKG6EtkHWTIrNg==
Age: 3526

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame 9F0F 0
0 99ms
33ms Document
text/html 143.204.215.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2507092832267146634&formId=randomId25042478337185454595&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.76 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-76.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
Date: Fri, 25 Sep 2020 06:04:48 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache: Hit from cloudfront
Via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: omaOJ0Sdhj8Fr76A7-_TSTZD9FFjeEpVdEgkdHJCxZHPlC0PtH0kfg==
Age: 3526

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
188 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=539762352&t=timing&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utl=v1&utt=582&_u=YEBAAEABAAAAAC~&jid=1660345344&gjid=708922065&cid=938525712.1601017413&tid=UA-28243511-22&_gid=1077006020.1601017413&_r=1&gtm=2wg9g15L2FSL&z=1532486767

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 07:03:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.joebiden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
26 B 13ms
13ms XHR
text/plain 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=539762352&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Minimal&ev=21&_u=YEDAAEABAAAAAC~&jid=1514266799&gjid=788783434&cid=938525712.1601017413&tid=UA-28243511-20&_gid=1077006020.1601017413&_r=1&gtm=2wg9g15L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP17%2F1%2F73229&cd4=1003813&cd5=BVF%20-%20Raiser%20High&cd6=K3W1hrzem0S9ecZxawBI4g2&z=219529945

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Sep 2020 07:03:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.joebiden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
86 B 25ms
25ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-28243511-20&cid=938525712.1601017413&jid=1587596168&gjid=719989835&_gid=1077006020.1601017413&_u=YGDAgEABAAAAAG~&z=633188772

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Sep 2020 07:03:33 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.joebiden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
121 B 9ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=539762352&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgEABAAAAAC~&jid=1587596168&gjid=719989835&cid=938525712.1601017413&tid=UA-28243511-20&_gid=1077006020.1601017413&gtm=2wg9g15L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP17%2F1%2F73229&cd4=1003813&cd5=BVF%20-%20Raiser%20High&cd6=K3W1hrzem0S9ecZxawBI4g2&z=1734025887

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 21:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 9ms
6ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=539762352&t=timing&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utl=v1&utt=30&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=938525712.1601017413&tid=UA-28243511-22&_gid=1077006020.1601017413&gtm=2wg9g15L2FSL&z=795496179

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 21:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 10ms
7ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=539762352&t=timing&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utl=v1&utt=629&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=938525712.1601017413&tid=UA-28243511-22&_gid=1077006020.1601017413&gtm=2wg9g15L2FSL&z=569679197

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 21:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 10ms
8ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=539762352&t=timing&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utl=v1&utt=12&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=938525712.1601017413&tid=UA-28243511-22&_gid=1077006020.1601017413&gtm=2wg9g15L2FSL&z=1872283726

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 21:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 11ms
8ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=539762352&t=timing&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utl=v1&utt=1265&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=938525712.1601017413&tid=UA-28243511-22&_gid=1077006020.1601017413&gtm=2wg9g15L2FSL&z=562830148

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 21:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
57 B 12ms
10ms Image
image/gif 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=539762352&t=timing&_s=1&dl=https%3A%2F%2Fsecure.joebiden.com%2Fonlineactions%2FK3W1hrzem0S9ecZxawBI4g2%3Fattr%3D100839588&ul=en-us&de=UTF-8&dt=Biden%20Victory%20Fund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=1384&_u=YGDAAEABAAAAAG~&jid=&gjid=&cid=938525712.1601017413&tid=UA-28243511-22&_gid=1077006020.1601017413&gtm=2wg9g15L2FSL&z=1532414810

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Sep 2020 21:27:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34573
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
431 B 48ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-28243511-20&cid=938525712.1601017413&jid=1514266799&gjid=788783434&_gid=1077006020.1601017413&_u=YEDAAEABAAAAAC~&z=1530411868

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.joebiden.com/onlineactions/K3W1hrzem0S9ecZxawBI4g2?attr=100839588
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Sep 2020 07:03:33 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.joebiden.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
secure.joebiden.com/	1970-01-19 12:43:37	Name: ___utmvc Value: Yty8r+ccLyRyGmQ5RInmGP++cJYv6IEB5shnXrPaOjv9yOL7o5VsGVTmXifF9OjKis64N9n0AYWjFaFAjfO02iNvoRuR3Rxoq9JR7dUnrnfVyZT38CnEeIaICyYs7BQmL3dhDf4Ti5jrT6J8wXI3Ew0o54Duu1M47c0peILiI46sF75ffrrDBhVQwoKV3+bEzt1mjOycVqr7XE8mBQIGOZJZZeVD0ePegJFuCMm21Dt/2Wx4laM6rpGkr34N3MGxxzSkvzRfRh9kKkAcyq6uJB8GGcFnRZQGL017KTdRNsd8VvmOFLuXbfIZAu3clzPQvOpk7x/d6OXhEADGElRYGXFr7QyNJYEuOg0NrPZyWpXcZPlkFstMqQbzmJR7dgvPFG8KE8aDoyJHBITxcMG8OfKo81pviNtYuEjTsMsOiGSyJKI73vbZRjuZ/zdNEo82xlLunZOHC3yCXQxpVoBNFevhaF5spcM6zw+909FYhzQ0tVHXjmxNctPsp4P+eYugD7bllOsoDKx/4UygLl9rOpw8PtHlqtH+Tdh8YlX3F2dM4r82tkFaLaiMuiFeV38n7n2TLchnrSnogfsWusnvGMzMFO4OlUji/JDTMptwFW2xXG1ugqNiy6F8oj7cntt1wgWulE0EmtcqqpKpQNdkqSvSRW62M5+w6hle6iT9Wh+kiQmKStrcvvO8hvnyyivgyLbqyNQE1MPH4WOxyAtJm2l7N5du26MGrFqou5+lyjzfOyJ58nr5Yci+oW6VnW7APmk7sCDoSpRis2aKTxgsvp78dxCTABkvTwJqwDJwlPQivyLRUZCB7ozCd1VA8IOs3RxM0okjckV0TwbW6h4/EIfLjfIZhzztahvBBKKGpuz/Cq7DksHGtXjh8CW8y4Mh1KjGlNchZ4q/sL/3qB95OjrQDVDATw0/k1cUR7nZTfpWUCMFfDxZ02QLRfRq3h/x9C7fSpKIvOpQJb5rUDcc1+7hBFGLH46ZuUIf4lwomTGBYdvhD9ijryyk+F8tlVXquMsqmWo/pmdljw/Vn6LhNj9eXBLrwQI8z9tvOPmRhz8kEj9VZxokjz48pAVnanEplX/nXy4w1P3+IK1rADR2yc4VQ+hi5fNKwtSoD/MHpe+KliEPTff/3B/Am09XISk5YNtXCchFIzP1I67fT1RyFmyx3t1wD93RYV7xLcxc1br3n/s/qeLjErjxVlad3qjOZKkzK5gJaErv77ZFnZ4isy2sq+ttDcC/DvqfO+CHC8pYyJbhKTuwO0k/PN7GP4+tAl1zq7t9M/VPAx/5We1JObtu7iCi+ZOEyZ6O0j1j363+lG2mLjfEEcRRyOsQX2mQIZzM9ETCOziLvnWvQbTu+klkAsOq9fTxRY5IyfgZnuNis3555OXu7iAFIcyyyR1mS3VdGtHhJuf4TUB6kn79aAmKl9dEQBjOz23wyxowK0SWIXYYb8G1Ym0UJdKi+ovUYAvDH8QXG6oEfwnIeMV2n7aNOD94wRvTHpDsGJsZRdNLxV95OU6oEEq4hkILSlKAGfNLt6DVdgztqed9xiLUT4ev0+xSZYU4ShchdcRwW429qmi+CzPPvijL0hkcte8tPF1TQu/VrBW65Ojc/5vrK9bHQ9W9a1Jj7GMRcyxkaWdlc3Q9MTE0MjkzLHM9OTQ4NWE4NjI5MDllN2Q3ZTY0OWI4N2EzOTQ5ZDc2OTVhODc5Nzg2NTdlNzU3Yzg2ODI3Mzc5N2ZhOTYyNjI2YWFkN2FiMjdhOTM5ODcxNmY=
.joebiden.com/	1969-12-31 23:59:59	Name: incap_ses_246_1983876 Value: pmb4U4t2iSlF/aap0PdpA0KWbV8AAAAA56phdCImJ5F26bO7n8wbBQ==
.secure.joebiden.com/	1970-01-19 12:43:41	Name: x-ms-routing-name Value: self
.secure.joebiden.com/	1970-01-19 12:43:41	Name: TiPMix Value: 8.65141894139881
secure.joebiden.com/	1970-01-19 21:29:13	Name: ai_user Value: 29Gko\|2020-09-25T07:03:31.840Z
.joebiden.com/	1969-12-31 23:59:59	Name: nlbi_1983876 Value: gQe3HoX51UbXut9tbNEK1QAAAABCh2LEmse58VVS79RUTac3
secure.joebiden.com/	1970-01-19 12:43:39	Name: ai_session Value: 7vTR9\|1601017411917.215\|1601017411917.215
.joebiden.com/	1970-01-19 21:28:05	Name: visid_incap_1983876 Value: bvHLVfKwSZiS33lUYnuDB0GWbV8AAAAAQUIPAAAAAAC0y1wazOsWDqwhsuVyZa+L

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading (v1): 581.766845703125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing (v1): 29.93212890625 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render (v1): 628.827880859375 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill (v1): 12.185302734375 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form (v1): 1264.8251953125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 1383.781005859375 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.joebiden.com
actions.everyaction.com
actions.ngpvan.com
az416426.vo.msecnd.net
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
forms-prod.azurewebsites.net
js.verygoodvault.com
nvlupin.blob.core.windows.net
p.typekit.net
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.joebiden.com
secure.ngpvan.com
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
13.69.66.140
143.204.215.76
143.204.215.87
2600:9000:206e:0:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:809::2008
2a00:1450:4001:81a::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c0c::9a
2a00:1450:400c:c0c::9c
2a01:4a0:1338:28::c38a:ff0b
2a02:26f0:10c:5a4::19fd
2a03:2880:f02d:12:face:b00c:0:3
40.114.13.25
45.60.33.183
52.239.157.138
99.86.245.122
0061053848f04ed531336574ed591c136cf8f424b5d68914b2a407a289412eea
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
0fec46fd1ff97473c5d2a1c0975702d1dac394ad6f052ad108caa5b82910b5c6
10163790c78b3eb4816880a34f31c3c8fca656e31d321a57719e4e463c8cb0c0
1081787d4e0206045f2e92f3762067c5b8cd02a926e736a09f52795a5c38d1b4
19f500ec1f3199b08c02e222e2a49b0eca8deec658476e62f4924dcf28c471da
1b01421c3d3f5daeecbbf3e62fb7e0a8d7ad1d5e7af085a0328992a7c7fae9ba
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
2775a7159d5429349686f9b3b52ee2ebab8c197a8607100bca18f985e2bee49d
399b74d5c490c525fe70cdc083fb3cd31f399c64829f652f8594bbbc3993ab4b
3cbad3e42141ac8c6c14eeec5fbfb57c6ac109f47f3d95327a446ef24b675b6a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45de66fc12f36cbd296f8cc2b8ea36e78ad88d5226a6d04c9ddde1f59ab0a84a
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
482b824e22e980fde1d49d8b8dd6643eaf9bc7329fe3c40dd446a14586fdb35d
50114121088bef28d7999dd67bd4391c3aadf5e9a31988e2c388ebe75f6abeb0
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
688816a43741acb40cfba1d451d322792a82a7504c38d04a64deed74601e9286
6b6f5caee86e91d858b7420da1627088ba29260fce89a6ba67681967a230e894
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ca8a82d8f5b39340f3c4e882031ef939f58a0edc22b45802ac60b4df69b51a3
80d9c2a8983313423529c5d608471b00760cb73c14fe1fe73dcdae7cc7f2b2de
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8d4ecfe5c5c9aa6208f6ba9c540dfa88ef66bfe05e033997959b1227000c226a
8f10dfce3195a8c561f8a964f45a16c2641a52dc3ac7075989b48014c12ebec7
98e6881447e0e7829ebc22121a935f7654b29447bb2e5b8f3fd47b906e440cb2
a6f69dbeaa11b7e2e659ceab61c5e6f1f2bdc3578f3e20278e64d2400ead3e58
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
c25d6f367de53359a0f5c0762446ddfab8670d89e91a8838444801a5dba99276
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
d8ffe5088bf3bc6a8525456c014a33472708a141e3d450f81d7ec45818be963f
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9083ecbf1ac324dc8431bced7a2897aba0582b4e1cb56c3719aead4def3a80
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f974a46889986a4e3c083130d196c0497b0b67769ef0ade6528eb70b0267554e
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

secure.joebiden.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

58 Requests

100 %HTTPS

61 %IPv6

15 Domains

22 Subdomains

18 IPs

6 Countries

863 kBTransfer

2398 kBSize

8 Cookies

13 Outgoing links

Page URL History

Redirected requests

58 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.joebiden.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

58
Requests

100 %
HTTPS

61 %
IPv6

15
Domains

22
Subdomains

18
IPs

6
Countries

863 kB
Transfer

2398 kB
Size

8
Cookies

58 HTTP transactions
2 data transactions