Submitted URL: http://biden-official.com/
Effective URL: https://www.biden-official.com/
Submission: On August 22 via api from DE

Summary

This website contacted 12 IPs in 4 countries across 8 domains to perform 45 HTTP transactions. The main IP is 99.83.224.11, located in Seattle, United States and belongs to AMAZON-02, US. The main domain is www.biden-official.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 21st 2020. Valid for: 3 months.
This is the only time www.biden-official.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests         IP Address         AS Autonomous System
2 (2 redirects)  99.83.230.40       16509 (AMAZON-02)
5                99.83.224.11       16509 (AMAZON-02)
21               2600:9000:218...   16509 (AMAZON-02)
1                104.111.228.123    16625 (AKAMAI-AS)
1                103.210.161.83     63199 (CDSC-AS1)
1                104.20.24.216      13335 (CLOUDFLAR...)
9                2600:9000:21f...   16509 (AMAZON-02)
2                151.101.65.21      54113 (FASTLY)
1                2a03:2880:f02...   32934 (FACEBOOK)
1                2606:4700:10:...   13335 (CLOUDFLAR...)
1                47.246.2.253       24429 (TAOBAO Zh...)
1                23.37.43.154       16625 (AKAMAI-AS)
Total: 45 requests across 12 IPs

Requests  Domain                   Requested by
21        static.xshoppy.shop      www.biden-official.com, static.xshoppy.shop
9         img.xshoppy.shop         www.biden-official.com
5         www.biden-official.com   static.xshoppy.shop
2         www.paypal.com           www.biden-official.com, www.paypalobjects.com
2         biden-official.com       2 redirects
1         t.paypal.com             www.biden-official.com
1         at.alicdn.com            static.xshoppy.shop
1         s.trackingmore.com       cdn.trackingmore.com
1         connect.facebook.net     www.biden-official.com
1         www.17track.net          www.biden-official.com
1         cdn.trackingmore.com     www.biden-official.com
1         www.paypalobjects.com    www.biden-official.com
Total: 45 requests across 12 hostnames

This site contains no links.

Subject                Issuer                                               Validity                 Valid
biden-official.com     Let's Encrypt Authority X3                           2020-08-21 - 2020-11-19  3 months
*.xshoppy.shop         Amazon                                               2020-04-20 - 2021-05-20  a year
www.paypal.com         DigiCert SHA2 Extended Validation Server CA          2020-01-09 - 2022-01-12  2 years
*.trackingmore.com     RapidSSL RSA CA 2018                                 2020-02-14 - 2021-04-14  a year
*.17track.net          GeoTrust RSA CA 2018                                 2020-02-27 - 2022-03-30  2 years
*.facebook.com         DigiCert SHA2 High Assurance Server CA               2020-07-21 - 2020-10-12  3 months
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3                              2020-08-17 - 2021-08-17  a year
*.alicdn.com           GlobalSign Organization Validation CA - SHA256 - G2  2020-08-11 - 2021-08-12  a year
t.paypal.com           DigiCert SHA2 Extended Validation Server CA          2020-01-09 - 2022-01-12  2 years

This page contains 1 frame:

Primary Page: https://www.biden-official.com/
Frame ID: 9DE7A113B8ACBD2E25895037AC3A2B9F
Requests: 44 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /openresty(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 45
HTTPS: 98 %
IPv6: 33 %
Domains: 8
Subdomains: 12
IPs: 12
Countries: 4
Transfer: 5224 kB
Size: 6709 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://biden-official.com/ HTTP 301
    https://biden-official.com/ HTTP 302
    https://www.biden-official.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.biden-official.com/
Redirect Chain
  • http://biden-official.com/
  • https://biden-official.com/
  • https://www.biden-official.com/
112 KB
13 KB
Document
General
Full URL
https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
99.83.224.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a54d2844073b80499.awsglobalaccelerator.com
Software
openresty /
Resource Hash
6384b2607c9643bbd09920f9066cd2bc16231d42c4ea425ed92bdf1af11c7b1f

Request headers

:method
GET
:authority
www.biden-official.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ssid=32189; utuni=1adda5b73255da29dd8ce1e17f1706a8b1b5bf22f9f8492d0198383beddecf02a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A2539872704%3B%7D

Response headers

status
200
server
openresty
date
Sat, 22 Aug 2020 18:10:10 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
ssid=32189; expires=Sun, 23-Aug-2020 18:10:10 GMT; Max-Age=86400; path=/; domain=www.biden-official.com; HttpOnly
ssid=32189; expires=Sun, 23-Aug-2020 18:10:10 GMT; Max-Age=86400; path=/; domain=xshoppy.shop; HttpOnly
content-encoding
gzip

Redirect headers

status
302
server
openresty
date
Sat, 22 Aug 2020 18:10:09 GMT
content-type
text/html; charset=UTF-8
location
https://www.biden-official.com/
set-cookie
ssid=32189; expires=Sun, 23-Aug-2020 18:10:08 GMT; Max-Age=86400; path=/; domain=biden-official.com; HttpOnly
ssid=32189; expires=Sun, 23-Aug-2020 18:10:08 GMT; Max-Age=86400; path=/; domain=xshoppy.shop; HttpOnly
utuni=1adda5b73255da29dd8ce1e17f1706a8b1b5bf22f9f8492d0198383beddecf02a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A2539872704%3B%7D; expires=Mon, 21-Sep-2020 18:10:08 GMT; Max-Age=2591999; path=/; domain=biden-official.com; HttpOnly
styles.min.css
static.xshoppy.shop/liquid/buyer/public/css/
206 KB
41 KB
Stylesheet
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/css/styles.min.css?t=20200821154042
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
ac728a5d995596c77e99a1e627e5a77be186b219b5b1cdbedc68ff77ddd59a30

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:08:28 GMT
content-encoding
gzip
vary
Accept-Encoding
age
102
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:31 GMT
server
Tengine
etag
"5f3fa517-337e9"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
L5fG93bmFfD9UhjvK9ZKSZ2KUBxHxrdi3zWcMDURAAT73eiK4CzB8w==
sail004.comm.min.css
static.xshoppy.shop/liquid/buyer/public/css/
96 KB
21 KB
Stylesheet
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/css/sail004.comm.min.css?t=20200821154042
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
3cf314cf2a0af4b48b68f8665ef0729316ce78eca8523152fe1f7903b15db288

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:10 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:35 GMT
server
Tengine
etag
"5f3fa51b-1814b"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/css
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
uICsijUEB0LCn7jA-tylJCf00E4_gL1pD1gGofR4ee8y0OvyvIyS5g==
init.js
static.xshoppy.shop/liquid/buyer/public/js/
1 KB
1 KB
Script
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/js/init.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
b37d2275a3cec8fce2becfcc2eace5d708b8d3d34b89780a76a9392eda1e1a62

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:08:42 GMT
content-encoding
gzip
vary
Accept-Encoding
age
88
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:24 GMT
server
Tengine
etag
"5f3fa510-491"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
M-2cdFujYIpUAgwSQitN8-aVWsi3HcZyop3HiVPx-VPhgwtPEziQmw==
jquery.js
static.xshoppy.shop/liquid/buyer/public/js/plug/
91 KB
36 KB
Script
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/js/plug/jquery.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
c716e3fdbaca59d992830a8a124a698ebb4a1720afe9de818ab73c0e68ed5f80

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:10 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:43 GMT
server
Tengine
etag
"5f3fa523-16c57"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
hmUjHivnOQ0vrxM7qbLZ1SLwFEkFmAwJGQ86SqqBDW9m3JtPf_PnMA==
checkout.min.js
www.paypalobjects.com/api/
885 KB
211 KB
Script
General
Full URL
https://www.paypalobjects.com/api/checkout.min.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.228.123 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-228-123.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c777bc7c49fbc490faa0e8923340a32581f879c30e6f4aecd6d9689da6fd07a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:10 GMT
x-pad
avoid browser bug
x-content-type-options
nosniff
status
200
content-encoding
gzip
vary
Accept-Encoding
content-length
215089
last-modified
Fri, 14 Aug 2020 16:56:22 GMT
server
Apache
strict-transport-security
max-age=31536000
access-control-allow-methods
GET
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
access-control-allow-headers
x-csrf-token
expires
Sun, 23 Aug 2020 18:10:10 GMT
Swiper.js
static.xshoppy.shop/liquid/buyer/public/js/plug/
121 KB
37 KB
Script
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/js/plug/Swiper.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
bce11b54f4502651db79c0a244eb6ca40242ca5c2322dbecfcfa3db108d2b8c7

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:08:28 GMT
content-encoding
gzip
vary
Accept-Encoding
age
118
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:27 GMT
server
Tengine
etag
"5f3fa513-1e3a3"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
6WbghI3hlFr5PiiSVqIba_ujscrhgZY0LBg1i4o2cbQmRYdkdswm5g==
jhPlugin.js
static.xshoppy.shop/liquid/buyer/public/js/plug/
11 KB
5 KB
Script
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/js/plug/jhPlugin.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
52daf0cf02e71df2c5c973345ca2164ecc1d315f2235d45db64764d9167084c3

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:10 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:27 GMT
server
Tengine
etag
"5f3fa513-2d3f"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
EtmpOdaRAHspVJKyZPgWdJLvkrDr0gxVOc-zPBC4Z2E4xwA2YPyGMA==
buttonCurrent.js
cdn.trackingmore.com/plugins/v1/
3 KB
2 KB
Script
General
Full URL
https://cdn.trackingmore.com/plugins/v1/buttonCurrent.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.210.161.83 , China, ASN63199 (CDSC-AS1, US),
Reverse DNS
Software
openresty /
Resource Hash
0bb38e6acaf65e0f0050788f553c9813aba08ba054ef91e2b7d8e5bc5e9199eb

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 22 Aug 2020 18:10:11 GMT
Content-Encoding
gzip
Last-Modified
Mon, 18 Feb 2019 06:00:33 GMT
Server
openresty
ETag
W/"5c6a4a01-d0c"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=2592000
Transfer-Encoding
chunked
Connection
close, keep-alive
Expires
Mon, 21 Sep 2020 18:10:11 GMT
externalcall.js
www.17track.net/
30 KB
12 KB
Script
General
Full URL
https://www.17track.net/externalcall.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.24.216 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de640a7615374dd4fe10e38760949b07b2804f353e98bf39753e024ac310b61e

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:10 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 30 Jun 2020 07:53:42 GMT
server
cloudflare
age
998091
etag
W/"788a-5Wvf8GK8Q480SoS3CjkaThCC1r4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
nginx-cache
HIT
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=7200
cf-ray
5c6e8c910971168d-ARN
cf-request-id
04b8f62ea30000168dca361200000001
banner2.png
static.xshoppy.shop/theme/faker/
365 KB
366 KB
Image
General
Full URL
https://static.xshoppy.shop/theme/faker/banner2.png
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
e26a21c2870e4f8fb82db92fca3235075d16d642301f00fcf7fa665b5ade3925

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 01 Aug 2020 00:13:15 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
1879015
x-cache
Hit from cloudfront
status
200
content-length
373827
last-modified
Wed, 29 Jul 2020 11:16:07 GMT
server
Tengine
etag
"5f215a77-5b443"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
tQYuIzTzcDrPvkB18Qk7pkenolne6I2-6mQ6Zz_tZXamwDl7VP0URA==
expires
Mon, 31 Aug 2020 00:13:15 GMT
513c6e1f44b405e5b6beefa25a503e3c.jpg
img.xshoppy.shop/uploader/
129 KB
129 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/513c6e1f44b405e5b6beefa25a503e3c.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b15fbf94c209eb83966d0ec6b06c5ca3a58321fe5f5a919452d054d2b77d33fd

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:41 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F4082250D74E3393286FFB9
age
56670
x-cache
Hit from cloudfront
status
200
content-length
131928
x-oss-object-type
Multipart
last-modified
Sat, 22 Aug 2020 00:55:26 GMT
server
AliyunOSS
etag
"378052FBAEEDAB030183D3500F2E42B0-1"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
6879413984474731082
x-amz-cf-id
FaYsz8SIfpVckG0hma_fCRhv2yhSe53NgciRa6AcGp9_jCqD63TI4w==
x-oss-server-time
18
default.png
static.xshoppy.shop/buyer/public/img/
7 KB
7 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/default.png
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
1648d9892c801e1f6253943dd752d2851b1724a366a4ad01ac4b5c7e4820285e

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 21 Aug 2020 07:52:30 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
123461
x-cache
Hit from cloudfront
status
200
content-length
6788
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-1a84"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
DArdF4_nbvdwT4IhprKd0K9jgt9Az9mYZTMpjTis3U0jJ7wTlHeREw==
expires
Sun, 20 Sep 2020 07:52:30 GMT
cd85439487aef0da7b76b0c8dc7a2809.png
img.xshoppy.shop/uploader/
1 MB
1 MB
Image
General
Full URL
https://img.xshoppy.shop/uploader/cd85439487aef0da7b76b0c8dc7a2809.png
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
bbc17a1a590cdc445d0fc8d1a1964bd9c706590ef40293fd56491ef60ac6237f

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:46 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F40822AA8BCB731303FF798
age
56665
x-cache
Hit from cloudfront
status
200
content-length
1289335
x-oss-object-type
Multipart
last-modified
Fri, 05 Jun 2020 09:46:59 GMT
server
AliyunOSS
etag
"8F70CF57B899D9C9C5B0D81B7ABB72F6-2"
content-type
image/png
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
1825296580757906168
x-amz-cf-id
ZzKJNwddYrERZ79kotk6ARALrD1cRUnz-6beWYP3x8ulzDMRFxJnRA==
x-oss-server-time
3
4dabe9712b56ae90d47b877ed542978c729e89bc.jpg
img.xshoppy.shop/uploader/
168 KB
169 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/4dabe9712b56ae90d47b877ed542978c729e89bc.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0554bd20b8b48f042457fb43a83baace47a5bebb3f15de0ec0a5d6ddedc8c5a4

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:44 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F4082280D74E339321011BA
content-md5
GpiWYCJYLIqxfp/QJwLCgA==
age
56666
x-cache
Hit from cloudfront
status
200
content-disposition
inline; filename="15597539_750"
content-length
172227
x-oss-object-type
Normal
last-modified
Tue, 09 Jun 2020 18:19:26 GMT
server
AliyunOSS
etag
"1A98966022582C8AB17E9FD02702C280"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
11968389828382147803
x-amz-cf-id
du3be3S_iD6_9rRrpM9smoZcw5GlnzhiLIPSmWksfIccxVHFz2invA==
x-oss-server-time
14
de6b623153e53b24468466be2a2f0479.png
img.xshoppy.shop/uploader/
1 MB
1 MB
Image
General
Full URL
https://img.xshoppy.shop/uploader/de6b623153e53b24468466be2a2f0479.png
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
473610d88544682244d3c14060f81fc736dc8a2f12fbf9a9705fd4d9de0f63af

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:45 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F4082293ABA6730307A4268
age
56666
x-cache
Hit from cloudfront
status
200
content-length
1067501
x-oss-object-type
Multipart
last-modified
Fri, 05 Jun 2020 09:47:53 GMT
server
AliyunOSS
etag
"2ED785FF39FBFA140FA166942F33E1B2-2"
content-type
image/png
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
4954327851412075990
x-amz-cf-id
OU7NZGD0aXnpXRuHJGjAmrhxVY0c8iTDTH1FKTNM7rUu7UJGM3oOBA==
x-oss-server-time
35
2d2232bd037776d7f882166ba5498c12.jpg
img.xshoppy.shop/uploader/
31 KB
32 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/2d2232bd037776d7f882166ba5498c12.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
cee57f5496f139159205b9969f78bfd8b50c04f2c4a69c1d43a25d54bafaf805

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:47 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F40822B2432E33935ACFA83
content-md5
kojyU1zFiLHWPzenD5JVWA==
age
56664
x-cache
Hit from cloudfront
status
200
content-length
32193
x-oss-object-type
Normal
last-modified
Fri, 05 Jun 2020 09:46:28 GMT
server
AliyunOSS
etag
"9288F2535CC588B1D63F37A70F925558"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
18355267147846996118
x-amz-cf-id
mHGhCwptkD_lnwjaicJIY_CTVS2Ffe5bp-rLDz8H7Yvri2nxVoCEaQ==
x-oss-server-time
75
f12c64541f90e237f1e47972cbe7d18a.jpg
img.xshoppy.shop/uploader/
138 KB
139 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/f12c64541f90e237f1e47972cbe7d18a.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
28cd8b047ef4e11ce412c62f3f8295410fa0b496ff60e3c8467fdd9fb9d3a8ee

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:46 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F40822A23395D34386308DD
age
56665
x-cache
Hit from cloudfront
status
200
content-length
141763
x-oss-object-type
Multipart
last-modified
Fri, 05 Jun 2020 09:46:59 GMT
server
AliyunOSS
etag
"AFC75335F3FE976F7C5665464280AFF6-1"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
6597751759437941748
x-amz-cf-id
oP7AHQXuibpxgacKfebk1G4OgSIsqQJ-JOepqX7PgOQp4GnlQVZlCw==
x-oss-server-time
22
48eab935656d9ba9368e39a7d58f0fe4.jpg
img.xshoppy.shop/uploader/
107 KB
107 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/48eab935656d9ba9368e39a7d58f0fe4.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
707a954ce60826f8e2e34de35250ac4c6fff43981f8c50b6fcbd98c9439ba187

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:47 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F40822BBCC63E363354D01E
age
56664
x-cache
Hit from cloudfront
status
200
content-length
109064
x-oss-object-type
Multipart
last-modified
Fri, 05 Jun 2020 09:46:24 GMT
server
AliyunOSS
etag
"4C7BE38B75E01157F90C136AD2F8363A-1"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
6164366467679729266
x-amz-cf-id
E9Q0Dle1zAbz5X_p1cVWLID83XD4ROk4zKC58dHVlhiCplrDJ05BqQ==
x-oss-server-time
28
85219ee3536b74f1402b5f3c2a926aa2.jpg
img.xshoppy.shop/uploader/
72 KB
73 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/85219ee3536b74f1402b5f3c2a926aa2.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a6d2cf9a6560ad237b09d9d567274b8f87f7f59cdf58c873c8ec775c3ffbaf90

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:45 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F40822985566F3839E37D9A
content-md5
LozKWis+g1njzQy4wgFYiA==
age
56665
x-cache
Hit from cloudfront
status
200
content-length
73944
x-oss-object-type
Normal
last-modified
Fri, 05 Jun 2020 09:46:24 GMT
server
AliyunOSS
etag
"2E8CCA5A2B3E8359E3CD0CB8C2015888"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
12411355148702274909
x-amz-cf-id
ApiHbSDGTp8y0M0ewyVeuc0UPV2WXUiDbuhZS95S9m2cCSUKicgQ1A==
x-oss-server-time
29
9935c815203bac310021ca4343b48790f8eaa966.jpg
img.xshoppy.shop/uploader/
155 KB
156 KB
Image
General
Full URL
https://img.xshoppy.shop/uploader/9935c815203bac310021ca4343b48790f8eaa966.jpg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:21f3:c400:13:2e6f:fc40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
05daee39e9612418baa120a45db4524ea25860e003a8601ca829a46fc149991e

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:45 GMT
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
x-oss-request-id
5F408229E940463433E2AE20
content-md5
kdwo3Dml/BH45BKZa6WSZQ==
age
56666
x-cache
Hit from cloudfront
status
200
content-disposition
inline; filename="15598455_750"
content-length
159043
x-oss-object-type
Normal
last-modified
Tue, 09 Jun 2020 18:19:28 GMT
server
AliyunOSS
etag
"91DC28DC39A5FC11F8E412996BA59265"
content-type
image/jpeg
x-oss-storage-class
Standard
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-oss-hash-crc64ecma
3792795907612839036
x-amz-cf-id
PVB0pwugeRID2Maf3rBMgm67xgNlBMp1OG-SsoVNyrrU4BfvEbUdEA==
x-oss-server-time
35
remembered
www.paypal.com/checkoutnow/
66 B
3 KB
Script
General
Full URL
https://www.paypal.com/checkoutnow/remembered?callback=paypalisrememberedcallback
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
47f1bf737f83f0054b66bf51c560205588a69a8e65d0c00961046d699d0e1afc
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://connect.facebook.net https://www.facebook.com https://m.facebook.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.cardinalcommerce.com https://staticxx.facebook.com https://www.facebook.com https://m.facebook.com https://*.baidu.com https://*.baifubao.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src https: data:; base-uri 'self' https://*.paypal.com; object-src 'none'; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
x-powered-by
Express
dc
ccg11-origin-www-1.paypal.com
x-cache
MISS, MISS
status
200
paypal-debug-id
8c4f97a0d8abc
content-encoding
br
shield-pop
LAX
x-csrf-jwt-hash
d9d9aac6b914c7abcdeaa9050d5773db17731152808b7097a43636ac2456260a
x-xss-protection
1; mode=block
x-served-by
cache-lax8647-LAX, cache-bma1643-BMA
server
nginx/1.14.0 (Ubuntu)
x-timer
S1598119811.083701,VS0,VE264
date
Sat, 22 Aug 2020 18:10:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, no-cache, no-store, must-revalidate
etag
W/"42-4SbENl3yIM7WtFI51AQmuKOWROQ"
accept-ranges
bytes, none
x-cache-hits
0, 0
paypal.png
static.xshoppy.shop/buyer/public/img/
3 KB
3 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/paypal.png
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
53f8d9807953a01888dea03514d29467b1b0f25297cdcbfed6b939b165a71ede

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 21 Aug 2020 07:52:30 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
vary
Accept-Encoding
age
123461
x-cache
Hit from cloudfront
status
200
content-length
2738
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-ab2"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/png
cache-control
max-age=2592000
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
xU74SApsn4iiqNVzt6QfIjsOB4EI5BZjozIkc4ibmm_jN6QRz_b9jQ==
expires
Sun, 20 Sep 2020 07:52:30 GMT
paypal.svg
static.xshoppy.shop/buyer/public/img/payment/
8 KB
9 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/payment/paypal.svg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
cbbe5813f53cf337acc360952a5bc1c623f42abc4160fd0304eb230cad45a55b

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 07:52:37 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
age
37061
x-cache
Hit from cloudfront
status
200
content-length
8529
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-2151"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Lb7bsRxAxyv7Xy9s5K8w7DECFobrDatdXTzH-tPMaofq3zccx7tu4Q==
visa1.svg
static.xshoppy.shop/buyer/public/img/payment/
4 KB
4 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/payment/visa1.svg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
a91ec4e3e40185e8c894b5c158532373333331219b55f31b232895becd8e55ee

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 07:52:37 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
age
37061
x-cache
Hit from cloudfront
status
200
content-length
3614
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-e1e"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
ZTx-dFnpPTVesOX3qaXXfhh9dCtjT5vU2q1MXYVeSLeIhE7lxOk_Kw==
mastercard.svg
static.xshoppy.shop/buyer/public/img/payment/
12 KB
12 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/payment/mastercard.svg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
0d18c859b3b60b5e1f77185d440a61af49502a178edaaca66dd076d98af11890

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 07:52:37 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
age
37061
x-cache
Hit from cloudfront
status
200
content-length
12166
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-2f86"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Wc3qVPPshi4O1ZC8hBjTkoBBrWOpUfsvViDvJFlrFOdze_n1X4FH7A==
maestro.svg
static.xshoppy.shop/buyer/public/img/payment/
8 KB
9 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/payment/maestro.svg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
3dacdee596e1bb252d671f8f0afb51c46981e37240c9d4b2377bb66129d4beec

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 07:52:37 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
age
37057
x-cache
Hit from cloudfront
status
200
content-length
8360
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-20a8"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Ekj5VbJLT4nBI7cPnbNyD9d8EEg8DqUZnrGSnOkk432DbUM9xVF_ng==
AmericanExpress.svg
static.xshoppy.shop/buyer/public/img/payment/
10 KB
11 KB
Image
General
Full URL
https://static.xshoppy.shop/buyer/public/img/payment/AmericanExpress.svg
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
43d0a062df3eccf50cf81f80ee88b7d37d7ccd3953a06e3b000e888ca11d2194

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 07:52:37 GMT
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
age
37061
x-cache
Hit from cloudfront
status
200
content-length
10501
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-2905"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/svg+xml
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
v3GUg9IM-1-ztkCGASbugI7QAVDEBGwE2f0Vo6c3LvWrbXk3PfQGMw==
event.js
static.xshoppy.shop/liquid/buyer/public/js/lib/
7 KB
2 KB
Script
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/js/lib/event.js?t=20200821154042
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
929e360c225fd37ab1bb4c02da3ca12970ed2cd449e5e902f9d9d4efb4b00407

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:11 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:29 GMT
server
Tengine
etag
"5f3fa515-1cf1"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
i6m5E3Td9ExMwiZYqBpnhdLCJTd62o__PjmG2_WppYNJ_VIxdDBjSg==
index.js
static.xshoppy.shop/liquid/buyer/public/js/lib/
287 KB
71 KB
Script
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/js/lib/index.js?t=20200821154042
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash
7bb780c1a0ae8a4aa8bd2ba11becf2598e4b18f4d975dbfc16929579e06f0fac

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:11 GMT
content-encoding
gzip
vary
Accept-Encoding
x-amz-cf-pop
DUS51-C1
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 21 Aug 2020 10:42:35 GMT
server
Tengine
etag
"5f3fa51b-47b8c"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
Gb65bBzQE_0E2ja8uH4cVWJhmdb_YTkIafnQLsAtqW2V4ybWkdu6DA==
pptm.js
www.paypal.com/tagmanager/
12 KB
7 KB
Script
General
Full URL
https://www.paypal.com/tagmanager/pptm.js?id=www.biden-official.com&source=checkoutjs&t=xo&v=4.0.317
Requested by
Host: www.paypalobjects.com
URL: https://www.paypalobjects.com/api/checkout.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.21 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7d42fd2cf7adef6e2ca9b9b706eef67e44e0f120c1435ea233807b8eda62fc55
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Gv36hTCDdmV4qUmwHGF8KwP5hVNCoB2ouMtjG6INHflWUbRr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-Gv36hTCDdmV4qUmwHGF8KwP5hVNCoB2ouMtjG6INHflWUbRr' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline'; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; block-all-mixed-content;; report-uri https://www.paypal.com/csplog/api/log/csp
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
age
0, 0, 0, 0
x-cache
MISS, MISS
status
200
paypal-debug-id
27ed4b7932865
dc
phx-origin-www-2.paypal.com
shield-pop
LAX
x-xss-protection
1; mode=block
x-served-by
cache-lax8651-LAX, cache-bma1643-BMA
server
nginx/1.14.0 (Ubuntu)
x-timer
S1598119812.744192,VS0,VE565
x-frame-options
SAMEORIGIN
date
Sat, 22 Aug 2020 18:10:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/x-javascript; charset=utf-8
content-encoding
br
vary
Accept-Encoding
cache-control
public, max-age=3600
etag
W/"310f-FGviSVLWgsmjFEfYfieMcNrYi0M"
accept-ranges
bytes, bytes, bytes, none
x-cache-hits
0, 0
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
nuUClQA2wjJU+cNX13gY+cArpEfsv8ChgzZyX8utOxAg0EdA+i3UihtI5Z8UqeouP+6NGzKaJecum7IaDd67kQ==
x-fb-trip-id
1460883810
x-frame-options
DENY
date
Sat, 22 Aug 2020 18:10:11 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
plugins.css
s.trackingmore.com/plugins/v1/
3 KB
1 KB
Stylesheet
General
Full URL
https://s.trackingmore.com/plugins/v1/plugins.css?time=20190110
Requested by
Host: cdn.trackingmore.com
URL: https://cdn.trackingmore.com/plugins/v1/buttonCurrent.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:471a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f7cc4944811a1166b36e414b6cd88f50d7dea0b90f09c1c5686948b206ccfd

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 18:10:11 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 10 Jan 2019 11:25:59 GMT
server
cloudflare
age
451647
etag
W/"5c372bc7-be7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
cf-ray
5c6e8c98a8f5c2ae-FRA
cf-request-id
04b8f633640000c2aeeb1e8200000001
expires
Wed, 16 Sep 2020 12:42:44 GMT
OldStandard-Regular.ttf
static.xshoppy.shop/buyer/public/css/font/
63 KB
64 KB
Font
General
Full URL
https://static.xshoppy.shop/buyer/public/css/font/OldStandard-Regular.ttf?v=www.biden-official.com
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Origin
https://www.biden-official.com
Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 16:38:20 GMT
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age
5511
x-cache
Hit from cloudfront
status
200
content-length
64784
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-fd10"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.biden-official.com
cache-control
max-age=43200
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
1UGwnQrtcfRdL_t7b_majMzeNymaV8XrX8W8ep1TmFIut93M9js0xw==
expires
Sun, 23 Aug 2020 04:38:20 GMT
font_871426_hwnhk4iyit.woff2
at.alicdn.com/t/
28 KB
28 KB
Font
General
Full URL
https://at.alicdn.com/t/font_871426_hwnhk4iyit.woff2
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/css/styles.min.css?t=20200821154042
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
47.246.2.253 San Mateo, United States, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Origin
https://www.biden-official.com
Referer
https://static.xshoppy.shop/liquid/buyer/public/css/styles.min.css?t=20200821154042
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 08 Jul 2020 03:49:57 GMT
via
cache3.l2de2[523,200-0,M], cache16.l2de2[523,0], cache9.ru3[0,200-0,H], cache8.ru3[1,0]
x-oss-request-id
5F05426459CCFC3234F5579B
content-md5
9ZNSsrm+4LwO3AosDSgDSw==
age
3939615
x-cache
HIT TCP_MEM_HIT dirn:9:156106806
status
200
x-swift-cachetime
63072000
x-swift-savetime
Wed, 08 Jul 2020 03:49:57 GMT
content-length
28576
x-oss-object-type
Normal
last-modified
Tue, 07 Jul 2020 03:42:24 GMT
server
Tengine
etag
"F59352B2B9BEE0BC0EDC0A2C0D28034B"
ali-swift-global-savetime
1594180197
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
6771416453545783598
eagleid
2ff6029c15981198121884126e
x-oss-server-time
63
arapey-regular.ttf
static.xshoppy.shop/buyer/public/css/font/
26 KB
27 KB
Font
General
Full URL
https://static.xshoppy.shop/buyer/public/css/font/arapey-regular.ttf?v=www.biden-official.com
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Origin
https://www.biden-official.com
Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 16:38:20 GMT
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age
5511
x-cache
Hit from cloudfront
status
200
content-length
26764
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-688c"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.biden-official.com
cache-control
max-age=43200
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iUg8KQxMgwQpvps1ZDsjZTfQGtvO0OTnSgXMShs5H1aUKM6h4RshdQ==
expires
Sun, 23 Aug 2020 04:38:20 GMT
Montserrat-Regular.ttf
static.xshoppy.shop/buyer/public/css/font/
357 KB
358 KB
Font
General
Full URL
https://static.xshoppy.shop/buyer/public/css/font/Montserrat-Regular.ttf?v=www.biden-official.com
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Origin
https://www.biden-official.com
Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 16:38:20 GMT
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age
5511
x-cache
Hit from cloudfront
status
200
content-length
365480
last-modified
Fri, 21 Aug 2020 03:46:55 GMT
server
Tengine
etag
"5f3f43af-593a8"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.biden-official.com
cache-control
max-age=43200
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
py54PGYEhxEK7MjCrXyqtq0Xk1Cnl2POpFVmntaP9WCFOR9xpg1-XA==
expires
Sun, 23 Aug 2020 04:38:20 GMT
Montserrat-SemiBold.ttf
static.xshoppy.shop/liquid/buyer/public/css/font/
356 KB
357 KB
Font
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/css/font/Montserrat-SemiBold.ttf
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/css/sail004.comm.min.css?t=20200821154042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Origin
https://www.biden-official.com
Referer
https://static.xshoppy.shop/liquid/buyer/public/css/sail004.comm.min.css?t=20200821154042
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:48 GMT
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age
56663
x-cache
Hit from cloudfront
status
200
content-length
364672
last-modified
Fri, 21 Aug 2020 10:42:45 GMT
server
Tengine
etag
"5f3fa525-59080"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.biden-official.com
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
CwJ7Lvl5ZT5DeKRr_jkoi_wxfdISczJbeGZ9IKzycTtVtQUR4vNHJA==
Montserrat-Regular.ttf
static.xshoppy.shop/liquid/buyer/public/css/font/
357 KB
358 KB
Font
General
Full URL
https://static.xshoppy.shop/liquid/buyer/public/css/font/Montserrat-Regular.ttf
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/css/sail004.comm.min.css?t=20200821154042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2182:7800:18:b53b:8340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Tengine /
Resource Hash

Request headers

Origin
https://www.biden-official.com
Referer
https://static.xshoppy.shop/liquid/buyer/public/css/sail004.comm.min.css?t=20200821154042
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 22 Aug 2020 02:25:48 GMT
via
1.1 962c9e2b0aa7dee39ccec2b38fda120f.cloudfront.net (CloudFront)
age
56663
x-cache
Hit from cloudfront
status
200
content-length
365480
last-modified
Fri, 21 Aug 2020 10:42:45 GMT
server
Tengine
etag
"5f3fa525-593a8"
access-control-max-age
86400
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://www.biden-official.com
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
iXTPpITrFtauaQ6QBYrLZeSGtg3hOBq1STRKHH4T3rX82yVHQO4wzQ==
logger
www.biden-official.com/buyer/statistics/
350 B
555 B
XHR
General
Full URL
https://www.biden-official.com/buyer/statistics/logger
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
99.83.224.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a54d2844073b80499.awsglobalaccelerator.com
Software
openresty /
Resource Hash
0b46a0df6454adb618f2b800d0e824137c69aed4cd99755befdd22eed221772f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.biden-official.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
200
date
Sat, 22 Aug 2020 18:10:12 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
logger
www.biden-official.com/buyer/statistics/
353 B
559 B
XHR
General
Full URL
https://www.biden-official.com/buyer/statistics/logger
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
99.83.224.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a54d2844073b80499.awsglobalaccelerator.com
Software
openresty /
Resource Hash
b973bf6003224a5c1563335d8b414d3d06a030da7494d1a310f08f676b7c3e2d

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.biden-official.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
200
date
Sat, 22 Aug 2020 18:10:12 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
cart
www.biden-official.com/buyer/
887 B
673 B
XHR
General
Full URL
https://www.biden-official.com/buyer/cart
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
99.83.224.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a54d2844073b80499.awsglobalaccelerator.com
Software
openresty /
Resource Hash
a429231bbbecbda5398da92b4277fe8e3887b688dc0ed2137a0052dda0c8ceb6

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.biden-official.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
200
date
Sat, 22 Aug 2020 18:10:12 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
ts
t.paypal.com/
42 B
859 B
Image
General
Full URL
https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=USA%20Flag-Officials&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&rosetta_language=en-US&e=im&t=1598119812343&g=-120&completeurl=https%3A%2F%2Fwww.biden-official.com%2F&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D
Requested by
Host: www.biden-official.com
URL: https://www.biden-official.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.43.154 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-43-154.deploy.static.akamaitechnologies.com
Software
akka-http/10.1.11 /
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Request headers

Referer
https://www.biden-official.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 22 Aug 2020 18:10:13 GMT
Server
akka-http/10.1.11
P3P
policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
HTTP_X_PP_AZ_LOCATOR
slcb.slc
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Sat, 22 Aug 2020 18:10:13 GMT
free-express
www.biden-official.com/buyer/express/
71 B
375 B
XHR
General
Full URL
https://www.biden-official.com/buyer/express/free-express
Requested by
Host: static.xshoppy.shop
URL: https://static.xshoppy.shop/liquid/buyer/public/js/plug/jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
99.83.224.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a54d2844073b80499.awsglobalaccelerator.com
Software
openresty /
Resource Hash
8d5332a46fb9de79832d2b8a07ef4241c356c24adeda2e84c0a7939fd38d14da

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.biden-official.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/json

Response headers

status
200
date
Sat, 22 Aug 2020 18:10:12 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
logger
www.paypal.com/xoplatform/logger/api/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.paypal.com
URL
https://www.paypal.com/xoplatform/logger/api/logger

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes number| dpr number| rem function| $ function| jQuery object| __postRobot__ object| __zoid__ function| onLegacyPaymentAuthorize function| watchForLegacyFallback function| onLegacyFallback string| LOG_LEVEL function| __pptmLoadedWithNoContent object| paypal object| PAYPAL object| ppxo function| Swiper object| SAIL_ENV function| lazyLoad function| fbq function| _fbq object| head object| style undefined| script object| LC function| doTrack object| YQ function| UAParser object| update_i18n object| _Modernizr object| YQBrowserCheck object| YQV5 function| yqtrack_v4 object| thumbs_swiper_Lzxgb object| swiper_IRVZd object| obj_top_WYDAT function| bannerSlide_G3wShg function| paypalisrememberedcallback object| paypalisremembered function| _typeof object| $plug object| $http function| stag function| sharetag object| jQuery110207412776292032244 object| paypalDDL

3 Cookies

Domain/Path Name / Value
.www.biden-official.com/ Name: ssid
Value: 32189
.biden-official.com/ Name: utuni
Value: 1adda5b73255da29dd8ce1e17f1706a8b1b5bf22f9f8492d0198383beddecf02a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22utuni%22%3Bi%3A1%3Bi%3A2539872704%3B%7D
.biden-official.com/ Name: ssid
Value: 32189

2 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Invalid PixelID: null.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - Trying to set argument plshopify1.2 for uninitialized Pixel ID .

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
