www.obama.org Open in urlscan Pro
104.16.91.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.obama.org/?qs=4f462c17eba2cd7a9d275ae75ef595c0b2807837beb8c01e4b976793782e8d624b1234d11a88f13400c7195261bb...
Effective URL:
https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022...
Submission: On February 28 via manual (February 28th 2023, 8:04:51 pm UTC) from US — Scanned from DE

Summary HTTP 308 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 48 IPs in 9 countries across 36 domains to perform 308 HTTP transactions. The main IP is 104.16.91.119, located in and belongs to CLOUDFLARENET, US. The main domain is www.obama.org. The Cisco Umbrella rank of the primary domain is 436875.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 2nd 2022. Valid for: a year.

This is the only time www.obama.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.100.39 13.111.100.39	22606 (EXACT-7) (EXACT-7)
18	104.16.91.119 104.16.91.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 6	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
1 1	23.39.248.185 23.39.248.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:400... 2a04:4e42:400::282	54113 (FASTLY) (FASTLY)
5	23.62.220.135 23.62.220.135	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
66	104.22.5.171 104.22.5.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80d::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.69.141 2.18.69.141	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:803::200a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	52.218.105.234 52.218.105.234	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.63 13.225.78.63	16509 (AMAZON-02) (AMAZON-02)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:400d:80c::200e	15169 (GOOGLE) (GOOGLE)
1	199.232.16.157 199.232.16.157	54113 (FASTLY) (FASTLY)
1	13.225.85.149 13.225.85.149	16509 (AMAZON-02) (AMAZON-02)
2	52.201.100.129 52.201.100.129	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1901:0:b... 2600:1901:0:bc29::	15169 (GOOGLE) (GOOGLE)
3	172.67.71.90 172.67.71.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	13.224.189.97 13.224.189.97	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
52	99.86.4.76 99.86.4.76	16509 (AMAZON-02) (AMAZON-02)
1	147.135.78.45 147.135.78.45	16276 (OVH) (OVH)
1 4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a02:26f0:11a... 2a02:26f0:11a::6867:487b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
59	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:20e... 2600:9000:20eb:ba00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c00::5c	15169 (GOOGLE) (GOOGLE)
2	54.190.190.30 54.190.190.30	16509 (AMAZON-02) (AMAZON-02)
13	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	104.26.4.158 104.26.4.158	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2	107.178.240.159 107.178.240.159	15169 (GOOGLE) (GOOGLE)
308	48

1 13.111.100.39 (Seaside, United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.email.obama.org

click.email.obama.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.16.91.119 (None, )

ASN13335 (CLOUDFLARENET, US)

www.obama.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:807::2004 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.39.248.185 (Paris, France) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-39-248-185.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)

cdn.polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.62.220.135 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-135.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 104.22.5.171 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.69.141 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-69-141.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:803::200a (Ireland)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.105.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:804::2002 (Ireland) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:400d:80c::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.16.157 (Vienna, Austria)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.149 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-149.fra2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.100.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-100-129.compute-1.amazonaws.com

100016450.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:bc29:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

cdn.mxpnl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.67.71.90 (United States)

ASN13335 (CLOUDFLARENET, US)

fndrsp.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-97.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9a (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 99.86.4.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-76.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.135.78.45 (United States)

ASN16276 (OVH, FR)

sentry.fundraiseup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:11a::6867:487b (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

ucarecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

59 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20eb:ba00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.190.190.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-190-190-30.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.4.158 (United States)

ASN13335 (CLOUDFLARENET, US)

fndrsp-checkout.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.240.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.240.178.107.bc.googleusercontent.com

api-js.mixpanel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
113	stripe.com js.stripe.com — Cisco Umbrella Rank: 1051 q.stripe.com — Cisco Umbrella Rank: 6717 r.stripe.com — Cisco Umbrella Rank: 4126 m.stripe.com — Cisco Umbrella Rank: 1056	1 MB
67	fundraiseup.com cdn.fundraiseup.com — Cisco Umbrella Rank: 31910 static.fundraiseup.com — Cisco Umbrella Rank: 31031 api.fundraiseup.com — Cisco Umbrella Rank: 320322 sentry.fundraiseup.com — Cisco Umbrella Rank: 331624	1 MB
23	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2786 play.google.com — Cisco Umbrella Rank: 29	431 KB
19	obama.org 1 redirects click.email.obama.org — Cisco Umbrella Rank: 526062 www.obama.org — Cisco Umbrella Rank: 436875	3 MB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	22 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 358	11 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	287 KB
5	google.de www.google.de — Cisco Umbrella Rank: 6149	798 B
5	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	5 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 36 maps.googleapis.com — Cisco Umbrella Rank: 354	191 KB
4	stripe.network m.stripe.network — Cisco Umbrella Rank: 1159	32 KB
4	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 105	253 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	223 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1580 m.addthis.com — Cisco Umbrella Rank: 1550	169 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 778 syndication.twitter.com — Cisco Umbrella Rank: 1135 analytics.twitter.com — Cisco Umbrella Rank: 628	132 KB
3	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231	1 KB
3	fndrsp.net fndrsp.net — Cisco Umbrella Rank: 30116	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 357	12 KB
2	mixpanel.com api-js.mixpanel.com — Cisco Umbrella Rank: 1973	466 B
2	ucarecdn.com ucarecdn.com — Cisco Umbrella Rank: 16024	26 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 466	7 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 163	4 KB
2	igodigital.com 100016450.collect.igodigital.com — Cisco Umbrella Rank: 806113 nova.collect.igodigital.com — Cisco Umbrella Rank: 4808	3 KB
2	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1431 insight.adsrvr.org — Cisco Umbrella Rank: 575	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 769	72 KB
2	amazonaws.com s3-eu-west-1.amazonaws.com
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	177 KB
1	fndrsp-checkout.net fndrsp-checkout.net — Cisco Umbrella Rank: 362746	512 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 1186	632 B
1	t.co t.co — Cisco Umbrella Rank: 536	378 B
1	mxpnl.com cdn.mxpnl.com — Cisco Umbrella Rank: 3019	18 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 633	15 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1748	1 KB
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 433	1 KB
1	polyfill.io cdn.polyfill.io — Cisco Umbrella Rank: 2232	647 B
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 5883	482 B
308	36

	Domain	Requested by
62	static.fundraiseup.com	cdn.fundraiseup.com static.fundraiseup.com www.obama.org
52	js.stripe.com	static.fundraiseup.com js.stripe.com
41	r.stripe.com	js.stripe.com
18	q.stripe.com	www.obama.org
18	www.obama.org	www.obama.org
13	play.google.com	www.gstatic.com
6	js-agent.newrelic.com	www.obama.org
6	www.google-analytics.com	www.obama.org www.google-analytics.com
6	www.google.com	2 redirects www.obama.org
5	www.google.de	www.obama.org
5	www.gstatic.com	www.google.com pay.google.com www.gstatic.com
4	pay.google.com	static.fundraiseup.com pay.google.com www.obama.org www.gstatic.com
4	m.stripe.network	js.stripe.com m.stripe.network
4	www.facebook.com	1 redirects www.obama.org
4	googleads.g.doubleclick.net	2 redirects www.googletagmanager.com
4	connect.facebook.net	www.obama.org connect.facebook.net
4	maps.googleapis.com	www.obama.org maps.googleapis.com
3	bam.nr-data.net	js-agent.newrelic.com static.fundraiseup.com
3	region1.google-analytics.com	www.googletagmanager.com
3	api.fundraiseup.com	cdn.fundraiseup.com static.fundraiseup.com
3	fndrsp.net	cdn.fundraiseup.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.obama.org
3	s7.addthis.com	www.obama.org s7.addthis.com
2	api-js.mixpanel.com	static.fundraiseup.com
2	m.stripe.com	m.stripe.network
2	ucarecdn.com	www.obama.org
2	s.yimg.com	www.obama.org static.fundraiseup.com
2	www.googleadservices.com	www.googletagmanager.com
2	s3-eu-west-1.amazonaws.com	www.obama.org
2	www.googletagmanager.com	www.obama.org www.googletagmanager.com
2	platform.twitter.com	www.obama.org platform.twitter.com
1	fndrsp-checkout.net	cdn.fundraiseup.com
1	insight.adsrvr.org	js.adsrvr.org
1	sp.analytics.yahoo.com	www.obama.org
1	nova.collect.igodigital.com	www.obama.org
1	sentry.fundraiseup.com	static.fundraiseup.com
1	analytics.twitter.com	www.obama.org
1	t.co	www.obama.org
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	syndication.twitter.com	platform.twitter.com
1	cdn.mxpnl.com	www.obama.org
1	100016450.collect.igodigital.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	static.ads-twitter.com	www.obama.org
1	static.hotjar.com	www.googletagmanager.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.fundraiseup.com	www.obama.org
1	cdn.polyfill.io	www.obama.org
1	fonts.googleapis.com	www.obama.org
1	cloud.typography.com	1 redirects
1	click.email.obama.org	1 redirects
308	55

This site contains links to these domains. Also see Links.

Domain
donor.obama.org
twitter.com
www.facebook.com
www.instagram.com
getherthere.org

Subject Issuer	Validity	Valid
obama.org Cloudflare Inc ECC CA-3	`2022-05-02` - `2023-05-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
fundraiseup.com Cloudflare Inc ECC CA-3	`2022-06-21` - `2023-06-21`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-08`	2 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon	`2022-09-21` - `2023-08-30`	a year	crt.sh
*.hotjar.com Amazon	`2022-10-25` - `2023-11-23`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2023-02-16` - `2023-08-16`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.collect.igodigital.com Amazon RSA 2048 M02	`2023-02-21` - `2024-01-13`	a year	crt.sh
*.mxpnl.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2022-07-11` - `2023-07-28`	a year	crt.sh
*.fndrsp.net E1	`2023-02-18` - `2023-05-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-27` - `2023-04-19`	2 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-02-06` - `2023-05-13`	3 months	crt.sh
sentry.fundraiseup.com R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
ucarecdn.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-01-03` - `2023-06-28`	6 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-14` - `2023-06-13`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-08` - `2023-04-08`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.fndrsp-checkout.net E1	`2023-02-18` - `2023-05-19`	3 months	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
*.mixpanel.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-02-13` - `2024-03-15`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Frame ID: D320ECBAAD0D6EBCB9D746208A374D0D
Requests: 167 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: BCD43E0E78ADC4B199BC1FD68F864F7B
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 7B8D32E6304F9AC0443B182B2393635D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.obama.org
Frame ID: 33171D8C58638F4180D2B52EB031172C
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/
Frame ID: B6E005A93A46525373E7362ED76E4601
Requests: 7 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: C09B5AB21433DC39ECEF0D8FEF216029
Requests: 4 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
Frame ID: 201845C94E35BC741D24A4EAB0C741B2
Requests: 2 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Frame ID: 61A45F79D4AAF605C85C167874479D8F
Requests: 1 HTTP requests in this frame

Frame: https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
Frame ID: 8976F6749E02C9A4B383427709CDCEC1
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
Frame ID: E17999340FA9E396DC66BC0ACCFA3954
Requests: 13 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
Frame ID: 37DC849C9036750E6C044F32DB22FB3E
Requests: 38 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
Frame ID: 9B001A1F6E1D7DF1CBAFCFCAF1653446
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
Frame ID: E6FFD0F0317F06B80FF073501E967BC2
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
Frame ID: ADCABB3FCAB1FDDD4B7BE742B30D5FE3
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
Frame ID: F63D788FB491A265B0C7972207F792A5
Requests: 10 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
Frame ID: 9C6CBB0B015E7AE91B25DE8C9BA8ABF5
Requests: 9 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FF39A7DEAC5E81DB4FB851D458AE1D1B
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/tr/?redirect=0
Frame ID: 53BC1474D834FD7CE4A74DA4D2DA5334
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.obama.org&mid=
Frame ID: FD0A3BEB5D379735389E6A6C87158F85
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F54487CAF17E860E41BED96823A83C7D
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=j40r5zl&ref=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&upid=e9owxxg&upv=1.1.0
Frame ID: 21075B9F0AC6F4252713CB3A5D747D95
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1EBC7B46C5DA0186E23FC2AD6D145892
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome to the Obama Foundation

Page URL History Show full URLs

https://click.email.obama.org/?qs=4f462c17eba2cd7a9d275ae75ef595c0b2807837beb8c01e4b976793782e8d624b1234d1... HTTP 302
https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fun... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AddThis (Widgets) Expand

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

308
Requests

99 %
HTTPS

45 %
IPv6

36
Domains

55
Subdomains

48
IPs

9
Countries

7724 kB
Transfer

19025 kB
Size

29
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://donor.obama.org/-/XVFCHMYJ
Title: Donate

Search URL Search Domain Scan URL

URL: https://twitter.com/ObamaFoundation

Search URL Search Domain Scan URL

URL: https://www.facebook.com/obamafoundation/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/obamafoundation/

Search URL Search Domain Scan URL

URL: http://getherthere.org/
Title: Learn More

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.obama.org/?qs=4f462c17eba2cd7a9d275ae75ef595c0b2807837beb8c01e4b976793782e8d624b1234d11a88f13400c7195261bb8049b71c9b462da8267b HTTP 302
https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://cloud.typography.com/7527714/7615372/css/fonts.css HTTP 302
https://www.obama.org/wp-content/themes/obamafoundation/assets/fonts/794140/FE7930D973B014278.css

Request Chain 85

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=U17-Y7iROrnDmLAP9PSp2AM&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFiX19wTW0wWEVfWFBTcG45VW1MTll4U1Y1eVRFVXJwTTNSdllYRC01SUNTZGRITEZWN3JZZTA HTTP 302
https://www.google.com/pagead/1p-conversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFiX19wTW0wWEVfWFBTcG45VW1MTll4U1Y1eVRFVXJwTTNSdllYRC01SUNTZGRITEZWN3JZZTA&is_vtc=1&ocp_id=U17-Y7iROrnDmLAP9PSp2AM&cid=CAQSKQDUE5ym09lNrZPFm5mVfZPv1tJtXsguap0QGEroTkZRJ6yad2XAORt2&random=1268968499 HTTP 302
https://www.google.de/pagead/1p-conversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFiX19wTW0wWEVfWFBTcG45VW1MTll4U1Y1eVRFVXJwTTNSdllYRC01SUNTZGRITEZWN3JZZTA&is_vtc=1&ocp_id=U17-Y7iROrnDmLAP9PSp2AM&cid=CAQSKQDUE5ym09lNrZPFm5mVfZPv1tJtXsguap0QGEroTkZRJ6yad2XAORt2&random=1268968499&ipr=y&prhg=0

Request Chain 215

https://www.facebook.com/tr/ HTTP 302
https://www.facebook.com/tr/?redirect=0

Request Chain 262

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VV7-Y4vaFPjEmLAPqK2jUA&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFWMXNRWWEyOS1GVXpzaVctb0FwcDBIR1R4T2kyTXhpcHNBdEtrdXdxZHRDQjV0Y2djMGtkWEE HTTP 302
https://www.google.com/pagead/1p-conversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFWMXNRWWEyOS1GVXpzaVctb0FwcDBIR1R4T2kyTXhpcHNBdEtrdXdxZHRDQjV0Y2djMGtkWEE&is_vtc=1&ocp_id=VV7-Y4vaFPjEmLAPqK2jUA&cid=CAQSKQDUE5ymUmrl2E8TvnhDdutxaydgQaCQgbcrIbSNTX3jM2rGIeA2Jo9F&random=4014176239 HTTP 302
https://www.google.de/pagead/1p-conversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFWMXNRWWEyOS1GVXpzaVctb0FwcDBIR1R4T2kyTXhpcHNBdEtrdXdxZHRDQjV0Y2djMGtkWEE&is_vtc=1&ocp_id=VV7-Y4vaFPjEmLAPqK2jUA&cid=CAQSKQDUE5ymUmrl2E8TvnhDdutxaydgQaCQgbcrIbSNTX3jM2rGIeA2Jo9F&random=4014176239&ipr=y&prhg=0&ezwbk=AZuM4hDEDt-gzAYDL8Ye9-zxJsNFz2s4D9YCXmM4GyryUwkTblo9UvS9jXkCDlIcOojyBuX5GWcFzHO0M1mhG0V6c57T

308 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.obama.org/
Redirect Chain

https://click.email.obama.org/?qs=4f462c17eba2cd7a9d275ae75ef595c0b2807837beb8c01e4b976793782e8d624b1234d11a88f13400c7195261bb8049b71c9b462da8267b
https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

104 KB
25 KB

982ms
906ms

Document
text/html

104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b783cee625709bc59e499c14e46478a041b49a7ca597459843306edf3669b04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86400
cf-cache-status: MISS
cf-ray: 7a0bc51e58fd8fef-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:34 GMT
expires: Wed, 01 Mar 2023 20:04:34 GMT
last-modified: Tue, 28 Feb 2023 20:04:34 GMT
link: <https://www.obama.org/wp-json/>; rel="https://api.w.org/" <https://www.obama.org/wp-json/wp/v2/pages/34953>; rel="alternate"; type="application/json" <https://www.obama.org/>; rel=shortlink
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding, Cookie, Cookie
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-pantheon-styx-hostname: styx-fe3-b-66f6fb7db8-dw6b5
x-served-by: cache-chi-klot8100109-CHI, cache-fra-eddf8230111-FRA
x-styx-req-id: 1e7df7d3-b7a3-11ed-a560-e2afd8e93452
x-timer: S1677614674.684205,VS0,VE841

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 279
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Feb 2023 20:04:33 GMT
Location: https://www.obama.org?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
874 B 155ms
61ms Script
text/javascript 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 554
x-xss-protection: 1; mode=block
expires: Tue, 28 Feb 2023 20:04:34 GMT

GET
H2

200

FE7930D973B014278.css
www.obama.org/wp-content/themes/obamafoundation/assets/fonts/794140/
Redirect Chain

https://cloud.typography.com/7527714/7615372/css/fonts.css
https://www.obama.org/wp-content/themes/obamafoundation/assets/fonts/794140/FE7930D973B014278.css

420 KB
315 KB

45ms
43ms

Stylesheet
text/css

104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/assets/fonts/794140/FE7930D973B014278.css

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1579e8c4cf5e217d9b2a65d679b5f9efd5b09ea584d6891f3ff10475d3ab6a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-b4587bb49-4fg5r
date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 785017
cf-polished: origSize=431386
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-served-by: cache-chi-kigq8000054-CHI, cache-fra-eddf8230047-FRA
last-modified: Sat, 28 Jan 2023 11:48:30 GMT
cf-bgj: minify
server: cloudflare
x-timer: S1676829658.325201,VS0,VE4
etag: W/"63d50b8e-6951a"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 3008db7b-9f1f-11ed-bf09-624f40f8a761
cache-control: public, max-age=31622400
cf-ray: 7a0bc5285f7c8fef-FRA
expires: Thu, 29 Feb 2024 20:04:35 GMT

Redirect headers

Date: Tue, 28 Feb 2023 20:04:35 GMT
Last-Modified: Mon, 31 Aug 2020 16:49:29 GMT
Server: AkamaiNetStorage
X-HCo-pid: 16
ETag: "7e17cea9cf7d9b5775b83d1aad09d427:1598892568.84525"
Content-Type: text/html
Location: https://www.obama.org/wp-content/themes/obamafoundation/assets/fonts/794140/FE7930D973B014278.css
Cache-Control: must-revalidate, private
Connection: keep-alive
Content-Length: 154
Expires: Tue, 28 February 2023 20:04:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 4 KB
940 B 150ms
56ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Maitree:400,500,600

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2940db97405f6ac535777563983b5f10882d84e3ce8e428684b28e98551e2643

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Feb 2023 20:04:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 20:04:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Feb 2023 20:04:34 GMT

GET
H2 200 style.css
www.obama.org/wp-content/themes/obamafoundation/ 443 KB
67 KB 72ms
64ms Stylesheet
text/css 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70193baa9b1d58eb83892614c31ae094f5217f32c367466eaf74ebf8f9e3c2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-b4587bb49-6n88x
date: Tue, 28 Feb 2023 20:04:34 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 1629279
cf-polished: origSize=454252
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-served-by: cache-chi-klot8100097-CHI, cache-fra-eddf8230074-FRA
last-modified: Sat, 28 Jan 2023 05:09:39 GMT
cf-bgj: minify
server: cloudflare
x-timer: S1675985395.065671,VS0,VE1
etag: W/"63d4ae13-6ee6c"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: a49c7111-9f1f-11ed-80ff-fec220096c59
cache-control: public, max-age=31622400
cf-ray: 7a0bc524390f8fef-FRA
expires: Thu, 29 Feb 2024 20:04:34 GMT

GET
H2 200 style.min.css
www.obama.org/wp-includes/css/dist/block-library/ 53 KB
10 KB 45ms
37ms Stylesheet
text/css 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 29 Feb 2024 20:04:34 GMT
date: Tue, 28 Feb 2023 20:04:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: HIT
x-content-type-options: nosniff
age: 3930787
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-778b6855c6-pbg9g
content-length: 9846
x-served-by: cache-chi-klot8100122-CHI, cache-fra-eddf8230036-FRA
last-modified: Sun, 08 Jan 2023 01:11:53 GMT
server: cloudflare
x-timer: S1673683888.637432,VS0,VE1
etag: W/"63ba1859-d293"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: 88d24535-9035-11ed-8eef-f6eca0fda204
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc52439128fef-FRA
x-cache-hits: 1, 1

GET
H2 200 style.css
www.obama.org/wp-content/plugins/uk-cookie-consent/assets/css/ 4 KB
1 KB 73ms
66ms Stylesheet
text/css 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/plugins/uk-cookie-consent/assets/css/style.css?ver=5.5.3

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0626ce5ee4d2f011510da11305c27a143eb9980cab2d848afe1d13f05baa926

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-6c8ff8b94-h68pg
date: Tue, 28 Feb 2023 20:04:34 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 4111642
cf-polished: origSize=4656
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-served-by: cache-chi-klot8100102-CHI, cache-fra-eddf8230064-FRA
last-modified: Mon, 02 Jan 2023 21:08:25 GMT
cf-bgj: minify
server: cloudflare
x-timer: S1673503032.035986,VS0,VE1
etag: W/"63b347c9-1230"
vary: Accept-Encoding
content-type: text/css
x-styx-req-id: ff620f1c-8b58-11ed-a7b9-b2bac96614ed
cache-control: public, max-age=31622400
cf-ray: 7a0bc52439158fef-FRA
expires: Thu, 29 Feb 2024 20:04:34 GMT

GET
H2 200 jquery.js Show response
www.obama.org/wp-content/themes/obamafoundation/src/js/vendor/ 82 KB
29 KB 56ms
50ms Script
application/x-javascript 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/src/js/vendor/jquery.js?ver=2.1.14

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2322cabae90997740398db8b7ce580b8b00f001aca5d6f3e653b5cc4a281589a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-97577555f-x4b9z
date: Tue, 28 Feb 2023 20:04:34 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 21622507
cf-polished: origSize=84345
x-cache: HIT, HIT
expires: Thu, 29 Feb 2024 20:04:34 GMT
x-served-by: cache-mdw17363-MDW, cache-fra19182-FRA
last-modified: Wed, 08 Jun 2022 05:54:11 GMT
cf-bgj: minify
traceparent: 00-dd4a1d29665b4e44ac1edf03c2824a4d-22a2876ef1729a88-00
x-timer: S1655992167.010098,VS0,VE2
server: cloudflare
etag: W/"62a03983-14979"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ab0fb1cd-e83d-11ec-ba9d-82a9e403abbe
x-cloud-trace-context: dd4a1d29665b4e44ac1edf03c2824a4d/2495706054083648136;o=0
cache-control: public, max-age=31622400
cf-ray: 7a0bc52439168fef-FRA
x-cache-hits: 1, 1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 88ms
20ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6738) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 20:04:35 GMT
Content-Encoding: gzip
Age: 672
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6738)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 uk-cookie-consent-js.js Show response
www.obama.org/wp-content/plugins/uk-cookie-consent/assets/js/ 1 KB
803 B 61ms
56ms Script
application/x-javascript 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js?ver=2.3.0

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf2c82f6cc4f0d084fdfb79175e21a26e41e802bfc0120abdc57dc3a3943d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-b4587bb49-ptkjm
date: Tue, 28 Feb 2023 20:04:34 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 1172269
cf-polished: origSize=1581
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-served-by: cache-chi-klot8100067-CHI, cache-fra-eddf8230023-FRA
last-modified: Sat, 28 Jan 2023 14:30:28 GMT
cf-bgj: minify
server: cloudflare
x-timer: S1676442406.724869,VS0,VE1
etag: W/"63d53184-62d"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: a49c2865-9f1f-11ed-8957-b6509efadb97
cache-control: public, max-age=31622400
cf-ray: 7a0bc52439178fef-FRA
expires: Thu, 29 Feb 2024 20:04:34 GMT

GET
H2 200 source.js Show response
www.obama.org/wp-content/themes/obamafoundation/assets/js/ 372 KB
103 KB 69ms
64ms Script
application/x-javascript 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/assets/js/source.js?ver=0.0.23

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf6ccf168b6fcc48bd13b09c27c8b995fe46c22ef2adf36d66524df6da77e262

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-97577555f-x4b9z
date: Tue, 28 Feb 2023 20:04:34 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
content-encoding: gzip
x-content-type-options: nosniff
age: 21640513
cf-polished: origSize=381149
x-cache: HIT, HIT
expires: Thu, 29 Feb 2024 20:04:34 GMT
x-served-by: cache-mdw17361-MDW, cache-hhn4024-HHN
last-modified: Wed, 08 Jun 2022 12:21:34 GMT
cf-bgj: minify
traceparent: 00-a09262c109734bea811e9cb8b8e50ec0-67be1dc164b09c02-00
x-timer: S1655974162.993673,VS0,VE3
server: cloudflare
etag: W/"62a0944e-5d0dd"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: ab10de34-e83d-11ec-ba9d-82a9e403abbe
x-cloud-trace-context: a09262c109734bea811e9cb8b8e50ec0/7475445147936791554;o=0
cache-control: public, max-age=31622400
cf-ray: 7a0bc524391a8fef-FRA
x-cache-hits: 1, 1

GET
H2 200 wp-embed.min.js Show response
www.obama.org/wp-includes/js/ 1 KB
1 KB 40ms
36ms Script
application/x-javascript 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-includes/js/wp-embed.min.js?ver=5.5.3

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Thu, 29 Feb 2024 20:04:34 GMT
date: Tue, 28 Feb 2023 20:04:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: HIT
x-content-type-options: nosniff
age: 4616179
x-cache: HIT, HIT
x-pantheon-styx-hostname: styx-fe3-b-778b6855c6-whvlz
content-length: 784
x-served-by: cache-chi-klot8100058-CHI, cache-hhn-etou8220079-HHN
last-modified: Mon, 02 Jan 2023 21:38:15 GMT
server: cloudflare
x-timer: S1672998495.065473,VS0,VE2
etag: W/"63b34ec7-59a"
vary: Accept-Encoding
content-type: application/x-javascript
x-styx-req-id: 00366439-8b59-11ed-8c38-e20795306de1
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc524391d8fef-FRA
x-cache-hits: 1, 1

GET
H2 200 polyfill.min.js Show response
cdn.polyfill.io/v2/ 100 B
647 B 113ms
35ms Script
text/javascript 2a04:4e42:400::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.polyfill.io/v2/polyfill.min.js

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:04:34 GMT
age: 547945
detected-user-agent: Chrome/110.0.0
useragent_normaliser: chrome/110.0.0
server-timing: HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 22 Feb 2023 11:03:04 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
normalized-user-agent: chrome/110.0.0
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 414ms
34ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Tue, 28 Feb 2023 20:04:34 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
x-host: s7.addthis.com
content-length: 116414

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 171 KB
56 KB 89ms
79ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDsnqr-BgEQKKvG_-aayb5FO7ILgLhIkBo&libraries=places&callback=initAutocomplete

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

700cca9385b63c93a37081999dac05bf87a5a65892fb3f3151751d8b50360ddc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=49
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57403
x-xss-protection: 0
expires: Tue, 28 Feb 2023 20:34:35 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
85 KB 85ms
37ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4f55b4d63895c9d4f06fa005fd150774e99fd64f15675876964606fd3a044e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86781
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 18:17:04 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Feb 2023 20:04:35 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 408 KB
163 KB 68ms
19ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 12:14:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 28196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Feb 2024 12:14:39 GMT

GET
H2 200 AHNVSXNQ Show response
cdn.fundraiseup.com/widget/ 99 KB
34 KB 127ms
64ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.fundraiseup.com/widget/AHNVSXNQ

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22d9259a3d0136e876b1e42b0ab76e30f1088cd80af8c229749f1f220397bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
server: cloudflare
etag: W/"653864193"
vary: Accept-Encoding
content-type: text/javascript
cf-ray: 7a0bc5293fb2912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 obama-foundation-logo-black.svg
www.obama.org/wp-content/themes/obamafoundation/assets/img/ 3 KB
2 KB 41ms
40ms Image
image/svg+xml 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/assets/img/obama-foundation-logo-black.svg

Requested by

Host: www.obama.org
URL: https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3bf9bd6f52aed07a1c4f37dba8936dc02be14da89d89b4bb00a28ccdc6b97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-778b6855c6-x8sx2
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: HIT
x-content-type-options: nosniff
age: 3930786
x-cache: MISS, HIT
expires: Thu, 29 Feb 2024 20:04:35 GMT
content-length: 1389
x-served-by: cache-chi-klot8100167-CHI, cache-fra-eddf8230082-FRA
last-modified: Wed, 04 Jan 2023 03:45:22 GMT
server: cloudflare
x-timer: S1673683889.192927,VS0,VE1
etag: W/"63b4f652-b74"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 56858dc3-8cc7-11ed-84bb-9a4dd57eb62f
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc528e85d8fef-FRA
x-cache-hits: 0, 1

GET
H2 200 caret-down.svg
www.obama.org/wp-content/themes/obamafoundation/assets/img/ 199 B
416 B 40ms
40ms Image
image/svg+xml 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/assets/img/caret-down.svg

Requested by

Host: www.obama.org
URL: https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f73088b0e9ecb91172a832197594a169ede1c6be2b0a54e57392ac3f6245149

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-6c8ff8b94-bvgkn
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: HIT
x-content-type-options: nosniff
age: 3930786
x-cache: HIT, HIT
expires: Thu, 29 Feb 2024 20:04:35 GMT
content-length: 169
x-served-by: cache-chi-klot8100110-CHI, cache-fra-eddf8230047-FRA
last-modified: Mon, 02 Jan 2023 11:28:55 GMT
server: cloudflare
x-timer: S1673683889.082566,VS0,VE2
etag: W/"63b2bff7-c7"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-styx-req-id: 10b5dffa-8b58-11ed-bcc1-ce282d54ea00
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc528e8608fef-FRA
x-cache-hits: 1, 1

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffb13282c12404238bd17c74168e21ae157e1fb9fac1f830f635d49fc8e383e0

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 MjQGmil5tffhpBrknt6sfQ.woff2
fonts.gstatic.com/s/maitree/v10/ 20 KB
21 KB 121ms
34ms Font
font/woff2 2a00:1450:400d:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/maitree/v10/MjQGmil5tffhpBrknt6sfQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Maitree:400,500,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 12:52:04 GMT
x-content-type-options: nosniff
age: 457951
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20960
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 14:58:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Feb 2024 12:52:04 GMT

GET
DATA 200
OK truncated
/ 22 KB
22 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f96a4aaee31785c0d2fff47e549f8ae90448ca68767d707885b5bbb2c53b6881

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48d09fdf27b7df5b996fbad7c97c942569e31e5ff462bfd208bbe88cbb5f96b7

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33277e78117e679f1470aab499f56396e1d94ae48502adcdd15b77c627a8f016

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 21 KB
21 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef4394a869af97bf9f2996973b0375c470dbf09ac01f0bc5459e0b0043beeda3

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 19 KB
19 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8313f60ac8396108991359e86609f8a602747fa257a761eff252f5399c484c4

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 icomoon.ttf
www.obama.org/wp-content/themes/obamafoundation/assets/fonts/ 6 KB
4 KB 42ms
42ms Font
application/x-font-ttf 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.obama.org/wp-content/themes/obamafoundation/assets/fonts/icomoon.ttf?pgtjhe

Requested by

Host: www.obama.org
URL: https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd07b422e8a3353007b932ac8361584dbfa0c18d673f8a624274aef2a07c554

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/wp-content/themes/obamafoundation/style.css?v=122
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-778b6855c6-xpr7w
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=15552000
cf-cache-status: HIT
x-content-type-options: nosniff
age: 3995904
x-cache: HIT, HIT
expires: Thu, 29 Feb 2024 20:04:35 GMT
content-length: 4204
x-served-by: cache-chi-klot8100098-CHI, cache-fra-eddf8230111-FRA
last-modified: Mon, 02 Jan 2023 13:12:20 GMT
server: cloudflare
x-timer: S1673618772.677787,VS0,VE2
etag: W/"63b2d834-17e8"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
x-styx-req-id: 4b74e1e6-8b59-11ed-a711-ee11e83fbdaf
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc528f8888fef-FRA
x-cache-hits: 3, 1

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac597c60f976d7d35ddf5f04d1c198209385b6575c21f7d33917e673807ac316

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 8 KB
8 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2edf9c80c3cac3c97f456e312f7da6402fc1fdcaf1c04153fea1f704cba07768

Request headers

Referer
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 248ms
34ms Script
application/x-javascript 2.18.69.141
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.69.141 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-69-141.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 3DA20F33DFB043F4
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26977
accept-ranges: bytes
content-length: 948
x-amz-id-2: g7+QTkfgFpKXdjIV1ns3PedgNVHG4mi9TLupYfjziOmGieTRD5DTu0V21U3C4oqBbTG5njMGxL0=

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 246ms
65ms XHR
application/json 2a00:1450:400d:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDsnqr-BgEQKKvG_-aayb5FO7ILgLhIkBo&libraries=places&callback=initAutocomplete

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.obama.org
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 311ms
147ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?_=1677614675323

Requested by

Host: www.obama.org
URL: https://www.obama.org/wp-content/themes/obamafoundation/src/js/vendor/jquery.js?ver=2.1.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

115eb25bad8084571bd9d03fb88eed90a156225a679eabe500d466493c6b0bdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:04:35 GMT
content-md5: JIVysKgu5kk0+m5H6J3VYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: +rmFlRfqPjFg8SIYmUWHmqFttNFvPujA2peTiCXUgw5z4HyITFKk1q7zFJFZncRFNNoJlQlLEspZ1xREv2gE+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 7ab17c7b8878f706ebd8d827c26ae2b4
cross-origin-opener-policy: same-origin-allow-popups
etag: "770f0a20bbe58a4e2da2ce59c51921e2"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Tue, 28 Feb 2023 20:24:35 GMT

GET
H/1.1 403
Forbidden share.js
s3-eu-west-1.amazonaws.com/share.typeform.com/ 0
0 230ms
72ms Script
application/xml 52.218.105.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/share.typeform.com/share.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/wp-content/themes/obamafoundation/assets/js/source.js?ver=0.0.23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.105.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H/1.1 403
Forbidden share-button.css
s3-eu-west-1.amazonaws.com/share.typeform.com/ 0
0 225ms
67ms Stylesheet
application/xml 52.218.105.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3-eu-west-1.amazonaws.com/share.typeform.com/share-button.css
Requested by: Host: www.obama.org
URL: https://www.obama.org/wp-content/themes/obamafoundation/assets/js/source.js?ver=0.0.23
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.105.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-58e692e7c2341621/ 6 KB
1 KB 477ms
447ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-58e692e7c2341621/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ffd26f508931c4ceae231a413558fae645130b58f6f49083ab98135403ded19a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
etag: -1779254049--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=59, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 1112

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 213ms
159ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=63fe5e5314319833&bkl=0&bl=1&pdt=1667&sid=63fe5e5314319833&pub=ra-58e692e7c2341621&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.obama.org&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1677614675505&jsl=8193&uvs=63fe5e53c88031f7000&skipb=1&callback=addthis.cbs.jsonp__69251802444242090
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-62-220-135.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 772f8d97204f317f0c752ccfdb8932ffbe79f9b9cfa3647f7b7386905d64589b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame BCD4 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 7B8D 71 KB
26 KB 35ms
35ms Document
text/html 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Tue, 28 Feb 2023 20:04:35 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 3317 320 KB
104 KB 20ms
19ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.obama.org
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6795) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3018075
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Tue, 28 Feb 2023 20:04:35 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6795)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 hotjar-383593.js Show response
static.hotjar.com/c/ 9 KB
4 KB 172ms
63ms Script
application/javascript 13.225.78.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-383593.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-63.fra2.r.cloudfront.net

Software

Resource Hash

91275d7ee94801ac16df79d00ffd9c2c603a700c5d9b656e0e3497579a89de42

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ac0e9b19969df989a920e6d1b834d008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
etag: W/9313694ef914b5d572e5e3fdcf13d55f
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: leE9BP2-A6cAuXBXpr1ygTIZU0sUvTL4hD3viO1zqkAAnSWPSh-P-A==

GET
H2 200 bat.js Show response
bat.bing.com/ 40 KB
12 KB 155ms
48ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Tue, 28 Feb 2023 20:04:35 GMT
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 5676F37734DE4F0ABFBC9C82331DEABC Ref B: FRAEDGE1412 Ref C: 2023-02-28T20:04:35Z
etag: "8072cff03442d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11894

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-823352929/ 3 KB
2 KB 198ms
94ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-823352929/?random=1677614675548&cv=11&fst=1677614675548&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56069129b4f776d25f1e14fe61e03f1f2c5f11c8b0737aa5346697fe3ae72e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1294
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 136ms
33ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:12:19 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3136
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 28 Feb 2023 21:12:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 124ms
22ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Feb 2023 20:04:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: rU1px9x1bN/1tHQ3B35SU1LSBf78ks2V9xFNzcGwAAElm1ds5mUdMeFEldNe44c9CCwVAHxj2/JnpU5aqm7zdw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 214ms
32ms Script
application/javascript 199.232.16.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.16.157 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-vie6355-VIE

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 202ms
22ms Script
application/x-javascript 13.225.85.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.149 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-149.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 08:39:15 GMT
Content-Encoding: gzip
Via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA2-C2
Age: 41121
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: oHiNhi6gbUbfQMXMUVYLexyt-wNDdxbzqOPs0lv14Bycl3B9nWM58g==

GET
H2 200 collect.js Show response
100016450.collect.igodigital.com/ 8 KB
2 KB 506ms
122ms Script
application/javascript 52.201.100.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://100016450.collect.igodigital.com/collect.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.100.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-100-129.compute-1.amazonaws.com
Software: /
Resource Hash: 463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
content-encoding: gzip
last-modified: Mon, 27 Feb 2023 20:38:04 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 mixpanel-2-latest.min.js Show response
cdn.mxpnl.com/libs/ 50 KB
18 KB 188ms
20ms Script
text/javascript 2600:1901:0:bc29::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:bc29:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:58:17 GMT
content-encoding: gzip
age: 378
x-guploader-uploadid: ADPycdv8BTtUEL2dBr6EPjqmlTf76dkIsvtueRdTT4OJ4jetcdgk63ssIX_g-ktRFh23mJkX-d_xpEat5qf2ATkatXdYtWgKF9zy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17435
last-modified: Thu, 17 Feb 2022 20:21:50 GMT
server: UploadServer
etag: "caa762087e9d75cecc34b5d6626cb7b9"
vary: Accept-Encoding
x-goog-generation: 1645129310876382
x-goog-hash: crc32c=PPVzJA==, md5=yqdiCH6ddc7MNLXWYmy3uQ==
access-control-allow-origin: *
content-type: text/javascript
cache-control: public,max-age=600
x-goog-stored-content-length: 17435
accept-ranges: bytes
expires: Tue, 28 Feb 2023 20:08:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 272 KB
92 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVXZ7JC

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06bf25b467d4f1c7304468f0041853d91da3129ad088766f9d97f907e1423b53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93603
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:35 GMT

POST
H2 200 tb
fndrsp.net/ 2 B
507 B 227ms
162ms Ping
text/plain 172.67.71.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52y7dbp5L4ex%2B7%2Fp2QkEdl7nrfxLViU9bmN%2Fqg2rUDjlNFoXsFkaxFKH1mnxx55tNaH4gH1BGCisgafVHRlV0%2FimmTrVVxGPIm3XdfaIFIrLhjY9MdYhu%2BytrKA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.obama.org
access-control-allow-credentials: true
cf-ray: 7a0bc52d5f6939d0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 AHNVSXNQ.js Show response
static.fundraiseup.com/embed-data/elements-global/ 3 KB
826 B 264ms
232ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements-global/AHNVSXNQ.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4e80421c684d6be6a43eb49834b2e84e8088e2fb41ccac01cb90b90c85cbaee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Feb 2023 20:04:24 GMT
server: cloudflare
x-amz-request-id: 9R5G3A43ZMDXC7CX
etag: W/"b76b483d2bd13087c6f67bd9fb0a87bd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7a0bc52b8c39912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fz0wAKbOkUjTsVJ7Hog9dZzd+TK1k+drLsPCJqBhG8GAlDwLJ7JpOMLoiJBzynDX/ZwmK6rPtMY=

POST
H2 200 checkout Show response
api.fundraiseup.com/ 7 KB
3 KB 375ms
344ms XHR
application/json 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/checkout?key=AHNVSXNQ&livemode=true

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82c0f3b34c077c83026b274a4d8b513ef0696011ea73187a329ede38eaa3f1e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 37ms
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7a0bc52aaa6a912b-FRA
expires: 0

GET
H2 200 XVFCHMYJ.js Show response
static.fundraiseup.com/embed-data/elements/ 360 B
419 B 276ms
244ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XVFCHMYJ.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d193263ad23ef25573c81941144d2f966cd983148de42483d093222e11617b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Feb 2023 20:04:24 GMT
server: cloudflare
x-amz-request-id: 9R5WRGSZ2EMHWEJD
etag: W/"4cf791fad9cf3f722e2fec205e3ef38e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7a0bc52b8c43912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ti9+l2P1nCGjvUPuhjgz7B9pCao2mQEkp/Licy1xqD+D2onBGRlxl230DfDuqQ0/zka29BYP74w=

GET
H2 200 XDEPAFGV.js Show response
static.fundraiseup.com/embed-data/elements/ 5 KB
1 KB 257ms
234ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XDEPAFGV.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b53efd797f3fb4bdbb9a36aac2d8b86d66b060087247ef533a1c78133285bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Feb 2023 20:04:24 GMT
server: cloudflare
x-amz-request-id: 9R5KQZ6WC8QVTECC
etag: W/"9dbcff4e1e52511b5f0f135be2009af3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7a0bc52b8c44912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: nDASDqxPJw9m00XmE/MuWmDL1io0uuIiYjdBPuLA9AlbBbDOcfh+o4ra3RBgwtuyJGwG1XRrNdw=

GET
H2 200 XTEBLKLE.js Show response
static.fundraiseup.com/embed-data/elements/ 6 KB
1 KB 234ms
233ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/embed-data/elements/XTEBLKLE.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

344c5a714ab264c675b49dbbccc4f0d844a3967f2f74691a03a3f4fd5a7b5031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 28 Feb 2023 20:04:24 GMT
server: cloudflare
x-amz-request-id: 9R5X1JRPBC95QF7S
etag: W/"b573b92e48914071fbf347069b778f6a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript
cache-control: no-cache, no-store
cf-ray: 7a0bc52b8c41912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Nfvs+cn9aEDEYt7bwQxYTfvyOJoltFy8Jx+wmo1IoszkXRJhri4sLOSYuXAiqQ9IIEf9wQYcHf0=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 checkout-vendors.c72186bc753fcbb506f5.js Show response
static.fundraiseup.com/ 461 KB
146 KB 41ms
40ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-vendors.c72186bc753fcbb506f5.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb4cc65213d2cf491f695d77a3c2930894f0efd461df6e2c3f3058a95f68c082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Feb 2023 09:23:43 GMT
server: cloudflare
x-amz-request-id: M5QSJ66FJHN6SC4A
age: 1592812
etag: W/"16f9582772b864b5f78cee8ef380f9df"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52bdcfe912b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Bb3JoIXMnQwUCK7qjGfuBY9rlrjwdZYRtQyGrsz95kDQpC7vZM4sCSolGs5RuSTX6Q5XyMp1OhY=

GET
H2 200 checkout.4120a9218f4a43575fc1.js Show response
static.fundraiseup.com/ 647 KB
146 KB 42ms
42ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b39c18711f555dfdfa703e71fefc9a6cbdd13a68ad0ffb30a95fc6998fb5731

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: M71GCM1658H1DTBS
age: 37416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 3QH8kSlRaCi2Ju2ex80Usr6Ne+oTiULni1qIRnazRvFUGcuYQy3wz/DM4du+PyPuJHL53gbapXw=
last-modified: Tue, 28 Feb 2023 09:29:27 GMT
server: cloudflare
etag: W/"626fa3d927f356e050627f4a181252fa"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52c1d84912b-FRA

GET
H2 200 checkout-styles.81980b308d377d020e01.js Show response
static.fundraiseup.com/ 272 KB
26 KB 34ms
33ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-styles.81980b308d377d020e01.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

073a5b77e7b6e163569bfcf8568b41ffa108c95e953a699cf3395666b32cd474

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: M71Y6H0WADHC5MEG
age: 37416
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: k3NEBZ83+tYtACNi8TWBp1dwcwZ8RgoZn20rl8evWO1zIINSaPDQxb+Xmvqzzv2roE/CFQAhPsg=
last-modified: Tue, 28 Feb 2023 09:29:27 GMT
server: cloudflare
etag: W/"0c51ff9f9018ad592a299c401b8464bb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52c1d86912b-FRA

POST
H2 204 collect
region1.google-analytics.com/g/ 0
244 B 97ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X85NK84B9X&gtm=45je32m0&_p=1576700991&cid=1631881306.1677614676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677614675&sct=1&seg=0&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&dt=Welcome%20to%20the%20Obama%20Foundation&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11033627332/ 3 KB
1 KB 93ms
93ms Script
text/javascript 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11033627332/?random=1677614675689&cv=11&fst=1677614675689&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

496cf55646eb25bf5410eff0a53d3bbd291c3d301c3c9515aaf270a5b38d9fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11033627332/ 3 KB
2 KB 97ms
34ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11033627332/?random=1677614675700&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e6062cdf9f4341d1f72d9b6d33185fb8c14df0da76e6b4b78cef2b21a860ecb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1619
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 3317 663 B
604 B 253ms
131ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=76a08fad4eb4903901a6140c6d4f088f490264f8

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.obama.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 28 Feb 2023 20:04:35 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Tue, 28 Feb 2023 20:04:35 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: cee0b8931200eb6d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: bcec0e0c0a7df9773e4e22c89d400eb74084a4717b25b364991fa1c58259a304
content-length: 284

GET
H2 200 1571499566196065 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 164ms
164ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1571499566196065?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

afa6fc3b31803772ffd320a754fb28f960e15bd0ab3b789352f3d6c3e80d6598

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 28 Feb 2023 20:04:35 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 1nm+QaHBa7NxRZofYHztpw7PiQPWUyvBVZ2321qYiOyeV5eder2vdfNrZLVhSFK0WQBX0/QG/Bbo8Uu35MYgRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 55ms
54ms XHR
text/plain 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1576700991&t=pageview&_s=1&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&ul=en-us&de=UTF-8&dt=Welcome%20to%20the%20Obama%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=ICDACEABBAAAACAAI~&jid=676074746&gjid=183624702&cid=1631881306.1677614676&tid=UA-90041815-1&_gid=1498159981.1677614676&_r=1&_slc=1&z=1946107290

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.3bdf981e73ecd1bf9fca.js Show response
script.hotjar.com/ 263 KB
68 KB 117ms
24ms Script
application/javascript 13.224.189.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3bdf981e73ecd1bf9fca.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-383593.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-97.fra2.r.cloudfront.net

Software

Resource Hash

5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 09:09:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 29051585a13addd312c8ac9d527433c6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 125729
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 68683
last-modified: Mon, 27 Feb 2023 09:08:08 GMT
etag: "ebfd5ece1732ea77a9b33e8ec7afb91a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: PK0WyoRPZ8cENl-BaS4h9IHX_AwgDQfuLr4faTZLj6hoHyHnfRNYrg==

GET
H2 204 26027144.js Show response
bat.bing.com/p/action/ 0
135 B 124ms
124ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26027144.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ARR/3.0

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Tue, 28 Feb 2023 20:04:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1B4587C4ADDE412E9029E83A4A1AC1DB Ref B: FRAEDGE1412 Ref C: 2023-02-28T20:04:35Z
x-powered-by: ARR/3.0
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 45ms
45ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26027144&tm=gtm002&Ver=2&mid=eba561e2-5407-450c-835d-69859a68c902&sid=1fb7fb40b7a311edbba2ef0bd4f67c57&vid=1fb7eea0b7a311ed9926f74030d46644&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Welcome%20to%20the%20Obama%20Foundation&p=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&r=&lt=2597&evt=pageLoad&sv=1&rn=923757

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 28 Feb 2023 20:04:35 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 99DC134307F34A668A1F3934615B160A Ref B: FRAEDGE1412 Ref C: 2023-02-28T20:04:35Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-823352929/ 42 B
327 B 61ms
61ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-823352929/?random=1677614675548&cv=11&fst=1677614400000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&fmt=3&is_vtc=1&random=3211124625&rmt_tld=0&ipr=y

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-823352929/ 42 B
455 B 152ms
62ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-823352929/?random=1677614675548&cv=11&fst=1677614400000&bg=ffffff&guid=ON&async=1&gtm=45He32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&fmt=3&is_vtc=1&random=3211124625&rmt_tld=1&ipr=y

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/11033627332/ 42 B
108 B 62ms
61ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11033627332/?random=1677614675689&cv=11&fst=1677614400000&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2095478443&rmt_tld=0&ipr=y

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/11033627332/ 42 B
108 B 145ms
62ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/11033627332/?random=1677614675689&cv=11&fst=1677614400000&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2095478443&rmt_tld=1&ipr=y

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 50ms
26ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1e790aea63c68a9bf355e70091cccd36

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?_=1677614675323

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

586f21a41a83d286841a8566ef8d75cebe76c1ab7fda4e7c61586ba064474cfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:04:35 GMT
content-md5: IcsyTnaRUPhukROw0Ju2Tw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87019
x-fb-rlafr: 0
x-fb-debug: D3hNGogDZ28LZVzW/6nMLkCEvjcSxzF+6/565yC5To9FSxO6sVMGcEygKW+kh1sh7rkR8rE/v1HSofQa/N5zKA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4a9c35ccad942b4607e0c0e24cf34a23
cross-origin-opener-policy: same-origin-allow-popups
etag: "a40013717d9fa68c664bda8ab7fc2059"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 28 Feb 2024 19:43:15 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 90ms
31ms XHR
text/plain 2a00:1450:4025:401::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-90041815-1&cid=1631881306.1677614676&jid=676074746&gjid=183624702&_gid=1498159981.1677614676&_u=ICDACEAABAAAACAAI~&z=1275479517

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9a Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 28 Feb 2023 20:04:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 16 KB
6 KB 202ms
40ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:48:49 GMT
x-amz-version-id: .QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 831KY7JBX26SCK2B
age: 948
x-amz-server-side-encryption: AES256
x-amz-id-2: PigpS/SKvBrxIdzcugTUWItzYC7t36jyyZyanKgIG0P0O9ShKMkB59SGjVvPRdpPPFqswvxMmrI=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 14 Jun 2022 12:21:31 GMT
server: ATS
etag: "6a624022b5d271dcefb070b0b6670abc-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2 200 adsct
t.co/i/ 43 B
378 B 191ms
130ms Image
image/gif 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=719e6684-ff8c-437c-b9f1-95e81969affd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=89e4b2ff-7d6c-4e1e-be43-b963dd8be489&tw_document_href=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1f9m&type=javascript&version=2.3.29

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 28 Feb 2023 20:04:35 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 1a0d6f0734c6acb9
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 7ce06e639a2a3b5e65ef146447b84343035aa73d0022a8b55630c3bfd0d1b88e
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 257ms
129ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=719e6684-ff8c-437c-b9f1-95e81969affd&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=89e4b2ff-7d6c-4e1e-be43-b963dd8be489&tw_document_href=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o1f9m&type=javascript&version=2.3.29

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4754bfae6c267b7f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 09f6e8cf9c4c8902069580efff8000f2d3f4f87957372bbb42c00ebd6854aba4
content-length: 43

GET
H3 200 checkout-sentry-vendor.29122be82a2c32d8fb15.js Show response
static.fundraiseup.com/ 178 KB
56 KB 58ms
58ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e5b0d7289739113a3dfe27abc2840f9edd42953dde45faa2afc34cb2120a1dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 47XZ3BA0Y6HE81Q7
age: 553753
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /Vhc0mk1iUzWRBWTTnwNRCwPj+HOPRBUFDTlPYe+IndyMKtHUnP7kLwJ6SmbaPg+t5WukVtIGMI=
last-modified: Wed, 22 Feb 2023 09:46:23 GMT
server: cloudflare
etag: W/"53d9733531d7038358bedced73a03a3e"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52d2c0b2bf7-FRA

GET
H3 200 811.29861376f31e28736f9a.js Show response
static.fundraiseup.com/ 91 KB
28 KB 35ms
34ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/811.29861376f31e28736f9a.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce5637ee90a2bbad0d1b2bafec330a261037cb3d358fef923ed52579409c93e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 09:46:21 GMT
server: cloudflare
x-amz-request-id: 47XJ1J748SG0BDX2
age: 553753
etag: W/"1f9a8d9d20de4e638a6f662a3513783d"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52d2c0d2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Wg64ut0il8wznzp4OXoqB+xY0foBhm0j409qDBd0jBmM3u/MGvq0MSrEtiS/cBdJiRsS5eG2mac=

GET
H3 200 sentry.44c35b04d92d68df234b.js Show response
static.fundraiseup.com/ 2 KB
2 KB 34ms
33ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/sentry.44c35b04d92d68df234b.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb3d044dccdb8cc77189a4dfcd305f867cb2f92564ca0a96149550bb26e7ef54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 47XWEZJ3S02YH8AB
age: 553753
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: rQMgYyTh2pB98TfC1XC9I4zMYdmBTOv2B/ICMXH/A+N6JtIs+hHzLkcNVqRxXficCAnwwKzUQRY=
last-modified: Wed, 22 Feb 2023 09:46:25 GMT
server: cloudflare
etag: W/"fb738843002a1ac7ea2cd1d0e25787c8"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52d2c132bf7-FRA

GET
H3 200 checkout-locale5.2efbc8f0829d56ae0e7a.js Show response
static.fundraiseup.com/ 52 KB
14 KB 60ms
60ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/checkout-locale5.2efbc8f0829d56ae0e7a.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d300f525b1e23172dec152ac714387a9847b4eaa8c059245addb6648bf47681a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 47XZP0MJCM9EN4B8
age: 553753
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: xxAi8AxioXamEeELI6HH4WMixdQcBKm5XhU/OS4KB+EyxfPIJKdLLeUaxzAap4c32wMdUYLsuis=
last-modified: Wed, 22 Feb 2023 09:46:23 GMT
server: cloudflare
etag: W/"29be87abee60127870e25901045064d1"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52d7c902bf7-FRA

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 69ms
68ms Image
image/gif 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-90041815-1&cid=1631881306.1677614676&jid=676074746&_u=ICDACEAABAAAACAAI~&z=362421415

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 72ms
70ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-90041815-1&cid=1631881306.1677614676&jid=676074746&_u=ICDACEAABAAAACAAI~&z=362421415

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame B6E0 437 KB
105 KB 164ms
28ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1362a7fc1a96be4941231e5b07315568784e25937c7c4d021379749089e53ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:04:20 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 17
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
etag: W/"9f023daf06a04e08097e0a8bb3b07504"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: hwGvBC_n98g756yWcFwTYK_tW7UutIEOs50vO1VjdMbeN_1uOcWGsA==

GET
H2 200 / Show response
js.stripe.com/v3/ 437 KB
105 KB 206ms
71ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1362a7fc1a96be4941231e5b07315568784e25937c7c4d021379749089e53ca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:04:20 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 17
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
etag: W/"9f023daf06a04e08097e0a8bb3b07504"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: W9MJI0jLXEj9EwGYxyczW6q3MCj2llqewtcpCTnX6iORu9Pfcq9thg==

GET
H3

200

/
www.google.de/pagead/1p-conversion/11033627332/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEM...
https://www.google.com/pagead/1p-conversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googlea...
https://www.google.de/pagead/1p-conversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googlead...

42 B
64 B

68ms
68ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFiX19wTW0wWEVfWFBTcG45VW1MTll4U1Y1eVRFVXJwTTNSdllYRC01SUNTZGRITEZWN3JZZTA&is_vtc=1&ocp_id=U17-Y7iROrnDmLAP9PSp2AM&cid=CAQSKQDUE5ym09lNrZPFm5mVfZPv1tJtXsguap0QGEroTkZRJ6yad2XAORt2&random=1268968499&ipr=y&prhg=0

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11033627332/?random=1131401433&cv=11&fst=1677614675700&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFiX19wTW0wWEVfWFBTcG45VW1MTll4U1Y1eVRFVXJwTTNSdllYRC01SUNTZGRITEZWN3JZZTA&is_vtc=1&ocp_id=U17-Y7iROrnDmLAP9PSp2AM&cid=CAQSKQDUE5ym09lNrZPFm5mVfZPv1tJtXsguap0QGEroTkZRJ6yad2XAORt2&random=1268968499&ipr=y&prhg=0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 custom-messages.5799ddf75a30812a3d49.js Show response
s7.addthis.com/static/ 114 KB
28 KB 36ms
35ms Script
application/javascript 23.62.220.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/custom-messages.5799ddf75a30812a3d49.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-62-220-135.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Tue, 28 Feb 2023 20:04:36 GMT
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-1c9fc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 28546

GET
H3 200 436add0502b6.elementsApi.js Show response
static.fundraiseup.com/ 265 KB
90 KB 37ms
37ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/436add0502b6.elementsApi.js

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02c15239e07310354e2ec37fd64ee0fa1cdb25cb055939d9f84611db1591ff20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XFA3PJD2QHEYVB11
age: 37390
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GKLC2OHYB9DVB/edDD2VTwytznztZJ5y4tdLJDR/aqw5S0+giRuluszdWGuNNlEPjyaplGo+GoE=
last-modified: Tue, 28 Feb 2023 09:29:23 GMT
server: cloudflare
etag: W/"3ef1c8ddf016c77a02fbd804037ffa9c"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52dcd282bf7-FRA

POST
H2 200 / Show response
sentry.fundraiseup.com/api/2/envelope/ 2 B
160 B 354ms
117ms Fetch
application/json 147.135.78.45
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://sentry.fundraiseup.com/api/2/envelope/?sentry_key=cb0af19166ad4bdeb8c3efc4848d6635&sentry_version=7&sentry_client=sentry.javascript.react%2F7.28.1
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.135.78.45 , United States, ASN16276 (OVH, FR),
Reverse DNS
Software: Caddy, nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.obama.org
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
date: Tue, 28 Feb 2023 20:04:36 GMT
server: Caddy, nginx
content-length: 2
vary: Origin
content-type: application/json

POST
H3 200 8262864231973063929 Show response
api.fundraiseup.com/paymentSession/ 274 B
521 B 402ms
401ms XHR
application/json 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/8262864231973063929

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e2435b53986297ecc6c37a5c3970992623c6201b1df1aa7c10f1401b79c8e14

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 90ms
pragma: no-cache
server: cloudflare
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7a0bc52e6e5b2bf7-FRA
expires: 0

GET
H3 200 9304.22b5cbc50de0d9ee8672.js Show response
static.fundraiseup.com/ 36 KB
11 KB 32ms
32ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9304.22b5cbc50de0d9ee8672.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

132d41e510f8721b35d81458552f48ed9603313641e0a03c1831b0fa489bec0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8ZSWXWWNZDHWDY6W
age: 553752
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: im97HIxSPLaPfe6ycKQHvHltLO8aJRR2hs2wt69m5YT8CGTytNhFWf1eTJOV9n9mIoIs992Ip0U=
last-modified: Wed, 22 Feb 2023 09:46:22 GMT
server: cloudflare
etag: W/"95ffaddf78e31e74a011fef3d0367f04"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52e6e782bf7-FRA

GET
H3 200 389.7bf34aa5bcc4.sticky-button-v2-styles.js Show response
static.fundraiseup.com/ 3 KB
2 KB 38ms
37ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/389.7bf34aa5bcc4.sticky-button-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb5a70abb62de9eef4b7bc1b81e4ee037e505d01479083fa09f31c60f26887be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:29 GMT
server: cloudflare
x-amz-request-id: YZ2WWDGRF1NQYMPE
age: 1244989
etag: W/"4277b03244a1c538c8bf255230abc8b6"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf342bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: c5e9HdlfUyjyUwYFPS1EUcSowCt9eJcWImAKMhbwzQN3RSJjxJ2w5YmCsdKo/q6L+WglGhqRqA0=

GET
H3 200 388.fae8b1738dd1.sticky-button-v2-rtl-styles.js Show response
static.fundraiseup.com/ 3 KB
2 KB 35ms
34ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/388.fae8b1738dd1.sticky-button-v2-rtl-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7515d2c55d5a3ceaf127b1112ea12bacb8b0a14a6d4ae6f57f5b75e3d28b38fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:29 GMT
server: cloudflare
x-amz-request-id: YZ2PHBHVRJKCSQ5P
age: 1244989
etag: W/"11139dfa532d25bdfa1c9d87f1e2a662"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf382bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: MMmGRWunrXZEMAejaAx2NAA7RW2r2qP7gKFm5Mb0Q671iMtrj4JhHekyqqWNc1d6gTwHouUt30A=

GET
H3 200 0.29a4877ee0a5.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js Show response
static.fundraiseup.com/ 32 KB
8 KB 53ms
52ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/0.29a4877ee0a5.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~f~e65c2349.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7de9fcdf3c5d3db4fabc4e378ff387b46ec3741cf54c6521eace07fae3abc23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: PJDVB3JTC0YVNA6M
age: 383088
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: jaEn1Vl79yo3HfilQiaGu5SP4/5hD2sF67iDmXt1tVftDccJTItsIkjwZvx693HMiHfFQuEJCh4=
last-modified: Fri, 24 Feb 2023 09:28:21 GMT
server: cloudflare
etag: W/"e859a107b8c2141edff56515a6091674"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf3c2bf7-FRA

GET
H3 200 3.28fd08609a65.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~floating-bu~d1b8685c.js Show response
static.fundraiseup.com/ 19 KB
9 KB 36ms
35ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3.28fd08609a65.vendors~button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~floating-bu~d1b8685c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff3ece6da7e2958b62da75b5b211de9877efa80818563dfa4f694f1dbd774fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:26 GMT
server: cloudflare
x-amz-request-id: 6ETKHE5DDYABKZVB
age: 1245104
etag: W/"deab98d8278c006db7a6d2b56d588c4f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf402bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bACJ5XCeuuNKNetShaXsgFGGCGZh6FtAb09JNWvx3rpF3RP7JjEtHg7AhsKKRVZTe/JviCUQfYI=

GET
H3 200 1.ee51d2754f16.button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~floating-~cecf6bc7.js Show response
static.fundraiseup.com/ 325 KB
63 KB 44ms
43ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1.ee51d2754f16.button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~floating-~cecf6bc7.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf2d9b61b26a4d62e98cd50a59f267d1e8a6e18f5c586d7b28c68b31e91e125b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: WQZ7HFDW4XN7ZKMZ
age: 37390
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: w6zPIlC01I4vMmSTC9//zZOb2kfr73IdSVCAJssBk5ffaJjJnUJSISAY4XDzn7lBvFFi6O9sPM4=
last-modified: Tue, 28 Feb 2023 09:29:12 GMT
server: cloudflare
etag: W/"52d0a79d4a65abb0551597cfb4d0bddd"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf452bf7-FRA

GET
H3 200 2.45c7e944d19c.button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~floating-~2d418900.js Show response
static.fundraiseup.com/ 19 KB
4 KB 35ms
35ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2.45c7e944d19c.button-group-v2~debug-panel~donate-button-v2~donation-form-v2~donation-levels-v2~donor-map~floating-~2d418900.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b64a61c58fc4534bbf6b99730c21ff0f7a0afeae5f9409365e67b05a33814dd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Feb 2023 09:23:31 GMT
server: cloudflare
x-amz-request-id: 304YHYJWR60TFAJ7
age: 1592735
etag: W/"dfaa1030265536e83ce58e8129108652"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf472bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Ayryn0QY5CZ1ihCjjSQTSt43mTK6ZQj/agtKzT+UMtpYMRU3uAzmOTowOsRoCar0ysxJu8j1HO4=

GET
H3 200 387.c296f731e760.sticky-button-v2.js Show response
static.fundraiseup.com/ 24 KB
8 KB 38ms
37ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/387.c296f731e760.sticky-button-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb4f051076270acbaf239b51ecf245909710ed4ec88b5252cc4661823e82ce2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ZP3CDCV08BY3NTMA
age: 383058
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cjWW8TpRFtuJnzlR3R+OfaiCPlvhkpdGzl2PIZoy6NabMIYQ5xmEillgqyVsNn6qw2txulUlIwo=
last-modified: Fri, 24 Feb 2023 09:28:22 GMT
server: cloudflare
etag: W/"dba241178feccf2c309fe48d85c6a6de"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf4c2bf7-FRA

GET
H3 200 374.a4eae0877a85.simple-form-v2-styles.js Show response
static.fundraiseup.com/ 3 KB
2 KB 41ms
40ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/374.a4eae0877a85.simple-form-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34aa9d1ad96b27bbb03538576c25951145c2e8ae470a7af88168e03944360fee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:28 GMT
server: cloudflare
x-amz-request-id: YQHX4WTM9QW9Q1FE
age: 1243984
etag: W/"1e26433fd9975729bae5ebb4f6d0f25c"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf4f2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /voVOSGnTN004yFVJ1erSasY9g4SR0NqJsN2WxT+zQgTTumq3gzKVMifSyyrNOYiIjyNXoOlwWA=

GET
H3 200 373.a0d497402927.simple-form-v2-rtl-styles.js Show response
static.fundraiseup.com/ 3 KB
2 KB 41ms
40ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/373.a0d497402927.simple-form-v2-rtl-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6635e6faa0b75d53de8ddad06a31ae00d8906ab0ee6148589e3beee58048482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:28 GMT
server: cloudflare
x-amz-request-id: YQHWYZX1FK4YEMGC
age: 1243984
etag: W/"4f77b1a0ed90193b64b26b72f4d87967"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf522bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Sjrb8KTUhtXpS3w7m6m6P9z4ikkPvNqfKN/ZFO7JZW14fFs4Pfylku2+xG6krK2oP8yj5PmcEvk=

GET
H3 200 372.175abd53a626.simple-form-v2.js Show response
static.fundraiseup.com/ 39 KB
11 KB 48ms
48ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/372.175abd53a626.simple-form-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a4549918aa685925a3b567eecde357fb79b1f2370f9c00473966eb1073616c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 9BY33QS41VH1NEGS
age: 381661
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: GXtgbEVnEJaIS4JsE4doX1Ug5GNCl2ZV3jzPJmiJ+R8K+boNI6mDcAn6Z97vB4N67vmjJTLcS4I=
last-modified: Fri, 24 Feb 2023 09:28:22 GMT
server: cloudflare
etag: W/"e94003997ec7956a28ec1b8f0a3f2c5e"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf552bf7-FRA

GET
H3 200 58.c55e5808d365.button-group-v2-styles.js Show response
static.fundraiseup.com/ 2 KB
1 KB 44ms
44ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/58.c55e5808d365.button-group-v2-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfa6b91c5d912c5d922d2af23cbaf14721e12fbcde0318f14ed71997bc7de78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:31 GMT
server: cloudflare
x-amz-request-id: YQHHRZZJHP14HCHE
age: 1243984
etag: W/"8607fdc6e51e07c49ca20bf744f93c19"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf582bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HifLnRI1iISezLVTBNM8O9KloUu6IeDSH6wr5BlMFcY1yu0M02Nq/EeiaYWbSzmcrSoisV/bh8o=

GET
H3 200 57.9eb5a3c7264d.button-group-v2-rtl-styles.js Show response
static.fundraiseup.com/ 2 KB
1 KB 45ms
44ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/57.9eb5a3c7264d.button-group-v2-rtl-styles.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02b5331c4f7399df57c8506965431f4f17f9aad89a168039e4d6b4351fe8cf40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:31 GMT
server: cloudflare
x-amz-request-id: YQHPWKYG86K1AT1F
age: 1243984
etag: W/"fb10c900e5837ce1a0f43cc3fa04eb97"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf5b2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: BRzxkqyFXbY2G6J8IdLTEaLsMqAkR/dHHhbxXPxSZt+qNP2ffrrXxW/j18gGkL389wgvLaSrYu4=

GET
H3 200 56.643cdb94d7f7.button-group-v2.js Show response
static.fundraiseup.com/ 20 KB
7 KB 45ms
45ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/56.643cdb94d7f7.button-group-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37709e0fd1def306506946dbd9aa93f1c99aa9fd00cf3f1c3e9aad3c46a999b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: FVNJS0BNS0G94VJA
age: 470078
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: R5PJ9Wu1+K1Yd1obhQSnQvlP/In+L/yu3Of+yXDKO2LzcDnKuz6QmSMV3UZmXbaJrIMx2XpWqKSrrJ3l8j4tjg==
last-modified: Thu, 23 Feb 2023 09:28:20 GMT
server: cloudflare
etag: W/"415bf1a6bcffe04ef1759147f393e778"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf5e2bf7-FRA

GET
H3 200 392.db4bf3405c53.text-link-v2.js Show response
static.fundraiseup.com/ 721 B
776 B 44ms
44ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/392.db4bf3405c53.text-link-v2.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/436add0502b6.elementsApi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9286fea516d5752b16ca7e3cec6262c971bca5ad922f3d660463894a6ff7a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:29 GMT
server: cloudflare
x-amz-request-id: TN932BM1VRA1YQ7Y
age: 1244598
etag: W/"aa54b3724407471aa3324a603819bc5f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52ebf622bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: PFtAfg8+RxdaS9qUN27TnIqtovP9Qe8/xqtg31zRLsPa0HE9cm+K5ZDnuDnDbCszg7MhIxVNzfw=

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 87ms
21ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1571499566196065&ev=PageView&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&rl=&if=false&ts=1677614676291&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677614676290.1758642606&it=1677614675777&coo=false&rqm=GET

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Feb 2023 20:04:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 10087674.json Show response
s.yimg.com/wi/config/ 2 B
450 B 116ms
41ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10087674.json

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:40:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: 6A8WF136ZA4KC476
age: 1422
content-length: 2
x-amz-id-2: XLT8hSPtTUZa5Z1AZWBWH+dippiOR4+7CvRLLcb12ZYv3IVrrt7rXUgGDx7xkVqt+WvmLcAy1zc=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

GET
H2 403 track_page_view
nova.collect.igodigital.com/c2/100016450/ 43 B
354 B 121ms
120ms Image
image/gif 52.201.100.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/100016450/track_page_view?payload=%7B%22title%22%3A%22Welcome%20to%20the%20Obama%20Foundation%22%2C%22url%22%3A%22https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF%22%2C%22referrer%22%3A%22%22%7D

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.100.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-100-129.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-runtime: 0.003382
date: Tue, 28 Feb 2023 20:04:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
x-xss-protection: 1; mode=block
x-request-id: f823fa16-ed5b-4760-bbc5-2da0ef58c74e

GET
H3 200 5522.c6656108e43b610ccf95.js Show response
static.fundraiseup.com/ 12 KB
4 KB 31ms
31ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5522.c6656108e43b610ccf95.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7a7e9fe3b0c545bc0eca72119a35265f58b90c114c9a1aadc67f9afd4209db5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 09:19:45 GMT
server: cloudflare
x-amz-request-id: AWM644SXT22WHHFJ
age: 1678983
etag: W/"24a66bdaa7e9c3dd906ddc801b15277a"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18022bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 1i669ba5we2WEx75lSMRshviZD9D65J0DkaqoCBLahjvjlTyXg9Amf0Fx3dCnGd/TLRf8MyICWo=

GET
H3 200 8531.bcc68045b22fc9c8f554.js Show response
static.fundraiseup.com/ 106 KB
29 KB 36ms
36ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8531.bcc68045b22fc9c8f554.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b087def9a36f3bdc04568b984b752e4cdd38b592ea31774a3bd37cd6466e90d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 09:39:54 GMT
server: cloudflare
x-amz-request-id: N903YYKBAK0ZKPY6
age: 812995
etag: W/"23e9ee01c64d35e61a77649872375531"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18042bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: hPG466wKHk4N4j//jRxJKuZRpLyQdkU3u+88mtJfi2LCEwWPrTPeCNbOLI+ywGWpyvGHv3Li3ZK0RQEv66h0VA==

GET
H3 200 3881.b47f7c663762341d3acf.js Show response
static.fundraiseup.com/ 8 KB
3 KB 58ms
58ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3881.b47f7c663762341d3acf.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d4babde41db04eee4598374bfcf9b9447c40e3c8e88e7b76b865807e62d9ac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 03 Feb 2023 09:23:09 GMT
server: cloudflare
x-amz-request-id: CPC5FQ3FZRVMAV39
age: 2141123
etag: W/"8f7d3db8bdf4cc0f4eb3a2017303955b"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18052bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ZZ3c4AWJUnuKPqkr8P6NAkwgaoBryQrN8Z3PKOYUAVduTGKn0S0++5UjtgZS5LxaVaqDT9O7W2U=

GET
H3 200 8443.4b992d5b707f3adb3c42.js Show response
static.fundraiseup.com/ 3 KB
2 KB 34ms
33ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/8443.4b992d5b707f3adb3c42.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81acf92bc595059670c0c0c9b0686f8322278490b88d6d9ba8f694b5c7274b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 09:39:54 GMT
server: cloudflare
x-amz-request-id: N903XDNFH6XXHG69
age: 812995
etag: W/"008e602d6756142696b0da6e2b8339e2"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f180b2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: oU5rwPSTpzvAKb1rG3x5aOnTV0zXH2BVgBf4PMEzLa9NPx3yo4BlAMbXrKxkph5zAsmireIVz8//ErMQ3RmmMg==

GET
H3 200 3344.3bd4870059b0af42c836.js Show response
static.fundraiseup.com/ 26 KB
7 KB 35ms
34ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3344.3bd4870059b0af42c836.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12af48f7a184b24995c2640b124a946394fe892a3bccd271b0f8dd868b56f248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 09:19:42 GMT
server: cloudflare
x-amz-request-id: AWM3PNCD5MEMK02R
age: 1678983
etag: W/"9de3a77970da256ae5fab335fc8abe5c"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18152bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: a9TOfoyrxrk3ZMjJQcPL/hpOXgN/dnlAPQ8HtUHDkhMlqYzsNl6ccqMvSPALz4I9o34/GkxYDu4=

GET
H3 200 6595.03be6b7f76c2c37fb4ef.js Show response
static.fundraiseup.com/ 62 KB
19 KB 40ms
40ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6595.03be6b7f76c2c37fb4ef.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f17d30f65071c0187837a442955af2898a1fa5b07ab8448c67fd71cacea5b73b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 09:39:54 GMT
server: cloudflare
x-amz-request-id: N902D22W53B9R8WF
age: 812995
etag: W/"1b4c04a57621a045679aa8947e22bc2a"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18162bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0uEn2n/Puwz52XigMU8iU05hx0mb8W6ZlJuHjbMhSeXqd0iP0KiZLpMJ7GMJ7FAm8wekjJ4/cJmQYdWtm3R5gg==

GET
H3 200 7470.6d0c7eb5a896c7e9a5a3.js Show response
static.fundraiseup.com/ 25 KB
9 KB 33ms
33ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/7470.6d0c7eb5a896c7e9a5a3.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cc66c25fed318c86075748cff18f10625da5d734238a90e0efed1ca5ae71445

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 09:19:46 GMT
server: cloudflare
x-amz-request-id: AWM28RCQGFAWZNEB
age: 1678983
etag: W/"05b32403174d5dd6ea7b17c452ba7bc8"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18172bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NaHVY+jhYav9kpQ7y2iKrSbS/eszzH17rG71i0Ii1i+J7qno33Vtqczh2ZkNGmj74jjEc4GLCZ0=

GET
H3 200 4172.1c0a66e3189eed1ebffd.js Show response
static.fundraiseup.com/ 18 KB
3 KB 31ms
31ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4172.1c0a66e3189eed1ebffd.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01014fb5bed5e21b7ae3ca6d476b9b24617c8b2077dd96fab4836697f1476e01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2022 09:09:09 GMT
server: cloudflare
x-amz-request-id: 6RDV0AKQ64PEQ4M8
age: 473537
etag: W/"440cb8c0adbc34dbdded50b143db1d9f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18192bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fZ9C4uR6NdYFz9gywAzzMV4GxBeM27j4vtwbMXIAg4c1RWYAkzdl3i1S8HkBOqvpeg2IXww0YjA=

GET
H3 200 976.c54dd26be3ebe38e3e43.js Show response
static.fundraiseup.com/ 2 KB
1 KB 53ms
52ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/976.c54dd26be3ebe38e3e43.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c649ccd3175950a89a24ed7311398f799dcca41c2bbf89ca1adc8654755244a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 09:39:55 GMT
server: cloudflare
x-amz-request-id: N90BNHTAZ8VE0A80
age: 812995
etag: W/"63accb066a48a4204e5ed4cce7fbf828"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f181b2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: CF1GLONWzOQ57ne5xrUJNzvhf6khRICmGHFmnvzwqCTJg0lIX5d59SZX3IkMJQ+MI7VfDNZZYVxlZy7Gjc0XRg==

GET
H3 200 2752.dd142f76fee9f6febdc6.js Show response
static.fundraiseup.com/ 11 KB
4 KB 53ms
53ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2752.dd142f76fee9f6febdc6.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a406272612383de16509570ee6f2c6fcdab4388cec30af5c964ca65f666fb67d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8ZSJQN7QB812C7X6
age: 553752
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Rhrr/Bs/jVcTQFC2k3Jvx/f8IB2uCrh1q/Ba89W2lmi9C2eCNlMJTx7hkHfcyFwfC7SyeDrN14Q=
last-modified: Wed, 22 Feb 2023 09:46:14 GMT
server: cloudflare
etag: W/"7754c5ef9bcd913beeb334087c09d671"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f181c2bf7-FRA

GET
H3 200 9389.d8af4aed03bcf036342c.js Show response
static.fundraiseup.com/ 11 KB
3 KB 31ms
31ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9389.d8af4aed03bcf036342c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d989b47e54d68dc2799509c5bc25d088b260a1f2882fd882c36035c8a5983d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 09:19:47 GMT
server: cloudflare
x-amz-request-id: AWM4BVM64G04MGSH
age: 1678983
etag: W/"ce25da562222e84cb76da0374407755c"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f181d2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bfw2QyJW3FsEa40Gxd66auJlZAaUQxmTiwT3LNoQdh578Pjj+IToDuQK7a/J8gjauJBQU0f+xXU=

GET
H3 200 1307.811b84a1bd04470fa6d3.js Show response
static.fundraiseup.com/ 15 KB
6 KB 35ms
34ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1307.811b84a1bd04470fa6d3.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78cdd86c7c7aa83a11c1af642b2c7027fa81b42e59a5ccd3900e8c93712a3d62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 09:46:09 GMT
server: cloudflare
x-amz-request-id: 8ZSY20EAKKBHVS3W
age: 553752
etag: W/"44376e32db5b004232a3cdeba4c74e9d"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f181f2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 0Ds/gT2U5Qo2oxHQE4LTTGJPJFsPyeCCKEOa2iry8xHk1sVAfn/yjKVS3hMKXVZN5aKTh6rnMT4=

GET
H3 200 5294.8c7e7089a098043704e9.js Show response
static.fundraiseup.com/ 7 KB
4 KB 53ms
52ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/5294.8c7e7089a098043704e9.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdda17bbcb59a9290f61b396b9eb308de75015644a78854ad53d1b08945f7b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 09:39:54 GMT
server: cloudflare
x-amz-request-id: N90ATD72J5NJSZQ2
age: 812995
etag: W/"3ff01ebd26c0e629d4e8f2d893fb9581"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18202bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Swo6GRxPpR9C3buEYxTKECUiYxw3voyi3HeS+Nvh8LB8Fnoaodlyr2BIfhxO04bcxIuAKOTgLDxRpsv/nT25Lg==

GET
H3 200 2100.a4abd4b9fd7457ea942b.js Show response
static.fundraiseup.com/ 17 KB
5 KB 37ms
37ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2100.a4abd4b9fd7457ea942b.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d89b65d05448f9dae3dfbe6b9ff58e0306471150e0b852744d220e5090bb022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 09:46:12 GMT
server: cloudflare
x-amz-request-id: 8ZSZ93TACD4WA4RX
age: 553752
etag: W/"aa68c650a14cb766f6244e34f692b2a0"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18222bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: HN0eIhdZCx0GSo3JxRZPNNCVMr2YNhVVSoNAqDUpFnY2AjyuC/pomYp2Tzkk6+sB+uJAZBlMo+s=

GET
H3 200 4826.299003f0b2f3699439d1.js Show response
static.fundraiseup.com/ 12 KB
6 KB 35ms
35ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4826.299003f0b2f3699439d1.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb1ec411dec8f88a91091f716f0f9fdeb3c1ea6c60b17309964f3302f7ecdb92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 Jan 2023 11:08:13 GMT
server: cloudflare
x-amz-request-id: 7W9MVZCY9PHMR867
age: 1322994
etag: W/"4eaa43b6207d6cc581a95cca97763fe4"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18232bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: W2TZEc6URgz8XmIZyghbGLdzFMcrtoVYk+worcV+NAxt9amZcNkbFNj+8DH0CpDhgsjdVd8Fa7w=

GET
H3 200 4531.9baf4f0084ef6483bd45.js Show response
static.fundraiseup.com/ 10 KB
3 KB 33ms
33ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4531.9baf4f0084ef6483bd45.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6bba823ed703b337012037bdb862a7a1e09fcb30c2c89840f661790bff56950

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 09:46:19 GMT
server: cloudflare
x-amz-request-id: 8ZSYH14GJES5G8Y8
age: 553752
etag: W/"b474dddc164c2d3e3be8d529c6ff9da4"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18242bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: /bIFJ25+4QHfik1mCD1oD22xjwKPO/6yxEAI8JxTFHs78TssfKs20graaeLuyqE4F2ulQLE+Gf0=

GET
H3 200 6658.f58a931f5dd663f24177.js Show response
static.fundraiseup.com/ 17 KB
5 KB 38ms
38ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/6658.f58a931f5dd663f24177.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa56f8ad590e2a9551421a208b7d94046e36bc736720428f94ab514899e0f8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4CJSKY6BDCD3Y6Y1
age: 123631
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: pX7sasD67KrEOIq4aftDIlvypn87H0KT+Fvw8W5Iu1OlligtAODfo5DtuHsG0o1v/S44JTgGpRw=
last-modified: Mon, 27 Feb 2023 09:30:25 GMT
server: cloudflare
etag: W/"b3d087000f5a2d8eb973db3cf9b64294"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18282bf7-FRA

GET
H3 200 3646.1ab888896022882a51ce.js Show response
static.fundraiseup.com/ 15 KB
5 KB 34ms
33ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3646.1ab888896022882a51ce.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a13806e5885a98d16760a950f1cb2da2ef616f8852269cd1e0cafd8b4a99c54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 4CJWJDNR1HYEBFVP
age: 123631
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bmsuhJwXLQ0gxk/k41eiQa4Mtxgj+OLmgskZXF+1gP3FMmueuY1tbVANXp+8NJ+WYPNz3Vy/zy4=
last-modified: Mon, 27 Feb 2023 09:30:24 GMT
server: cloudflare
etag: W/"d9fa304629b516b8b034c84634b7d9d2"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18292bf7-FRA

GET
H3 200 3105.b27ed6024260ea177fed.js Show response
static.fundraiseup.com/ 15 KB
6 KB 36ms
35ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3105.b27ed6024260ea177fed.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62feff5a9ce3e26255e9e7de603c6c07e738808a7d0b696cd5cb0b76852409a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 8ZSZJHZWQ3GT1TB1
age: 553752
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: +nuNQJzVDnnMu1+JT5rHVffprVxKTJVCksoO4B110pJ3Tzd9iuVNFyQ/gX6uE7Dg4dngMKUFiEQ=
last-modified: Wed, 22 Feb 2023 09:46:15 GMT
server: cloudflare
etag: W/"d2713a8bd13f4d5bc832d98ae87e2c95"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f182a2bf7-FRA

GET
H3 200 3092.0b19ab7f883580b6e73b.js Show response
static.fundraiseup.com/ 8 KB
3 KB 34ms
34ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3092.0b19ab7f883580b6e73b.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16775349c92dc38f8c3cebce57c62d5ace858e5883b7f6e25aeff0168ad67991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 10 Feb 2023 09:23:35 GMT
server: cloudflare
x-amz-request-id: YC7A5NQ24K8GC6FP
age: 1591679
etag: W/"5836a99dcc0998742cbcd00c366559c2"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f182b2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: UQ8w+0aDgQW18LP0NzQBcYZfYo5BCQbzbTqCW9Q9W8Tst1buPrASKt/YM8FB+9qqW1ZkcY/EQbc=

GET
H3 200 9927.713a6d119ecf33dbbd3f.js Show response
static.fundraiseup.com/ 24 KB
8 KB 51ms
51ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/9927.713a6d119ecf33dbbd3f.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

afc9799bf086d2013803fd1746c57d23d772017f06c83708e482b4a2c200822b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 09 Feb 2023 09:19:47 GMT
server: cloudflare
x-amz-request-id: AWME9CJ5VPRD7ZRH
age: 1678983
etag: W/"62f77c4668a441cceeb735350e32e9cb"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f182d2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Noc7BNnt4uCjwDSU3/dC37P0l5RVrpoqSm85ciSeCCWQxY7Hyljz/9x8o7Xwel3Lymg+AjHPaxY=

GET
H3 200 2000.c20818bd5f5ea6178e9c.js Show response
static.fundraiseup.com/ 17 KB
6 KB 35ms
34ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/2000.c20818bd5f5ea6178e9c.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f0ef89b0f06e40d78468a2b91e488f5bb6824ca95926780aca7f4c284957184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 09:32:17 GMT
server: cloudflare
x-amz-request-id: RM32S6MDJ0VD5631
age: 728426
etag: W/"20198d7fdfe3006ad7cb8f42cdc350cc"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18302bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Xs2c6agGu5+K02U1t4Fxzm9e3YCCZi0je5qgeesHtNs9SClLaWhXRti21SatmZULSh+cV5M/x8g=

GET
H3 200 1178.196ff79afb74f7e98d92.js Show response
static.fundraiseup.com/ 21 KB
6 KB 52ms
51ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1178.196ff79afb74f7e98d92.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3319993e6fd57373c36b7b97a5b7c5b90dd7a27ae193f441373bb5ea0b30a741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 09:32:14 GMT
server: cloudflare
x-amz-request-id: RM398TZ1J48T6N65
age: 728426
etag: W/"64f409ab91c2b13b169878b6e09e3c9b"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18312bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: SKcsop7Q+F3FLBYXWg3/SEJhHwPo0ehRY0lU2Z8uRvf5UqND4iGAiUaNcEp11wPmxL3i3j9mOKY=

GET
H3 200 3313.22bbe352ab6b54c814fe.js Show response
static.fundraiseup.com/ 24 KB
7 KB 35ms
35ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/3313.22bbe352ab6b54c814fe.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ace92a07d4b9cdb188283368fd2885ec259b98c470940409a54df1790def1573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Feb 2023 09:57:27 GMT
server: cloudflare
x-amz-request-id: 8R37GZJFED9SJ5EZ
age: 1242894
etag: W/"305c7f60f8cd0b1606545f7a9a36fc7f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18322bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: gk3qwFG901QOITIu39TiqPiTZ9soYiKy5XDzIVzeYT3w/m+MpxQXnxAyO42zvBdzmEtOqPXYZUw=

GET
H3 200 617.b6c7ec5e120788005108.js Show response
static.fundraiseup.com/ 8 KB
3 KB 52ms
51ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/617.b6c7ec5e120788005108.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acc5290164b4f690b6ffecbd6b02084541a4c2056828e16ebee3d585410a3b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 20 Feb 2023 09:32:25 GMT
server: cloudflare
x-amz-request-id: RM30MTK452SAXGM6
age: 728426
etag: W/"0f1bb3c0935ee0dd8101f3b6e15149e0"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18362bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 6qO6spWwBBlu+ItVyzBzxJhSr6t1OfsJ0KNw/5C4eQ6i+VB+K/Cys+pzImg0i6W5DQlJHMOXJVY=

GET
H3 200 7039.1da6c54817c097d442b5.js Show response
static.fundraiseup.com/ 12 KB
5 KB 52ms
51ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/7039.1da6c54817c097d442b5.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5cfed1e6b4937a25d28dd8f3b5be47db4d830f4c02e1012cc01ed2634b1b4b35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 22 Dec 2022 09:09:10 GMT
server: cloudflare
x-amz-request-id: 9VPSC5M9XDQ2HT2X
age: 473537
etag: W/"2b1ddb7165892c9402993d4068145c8f"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18382bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VYWzgg0kVE3ulplYh/V180GK88o7SrSJBRGKVdV1OragWU06k6xNn3RrLZhV59+EKj0m7yiASFA=

GET
H3 200 1387.dd93741aa20d08c01d54.js Show response
static.fundraiseup.com/ 28 KB
5 KB 53ms
53ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/1387.dd93741aa20d08c01d54.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5ae42a8c69055fc58be2cd3bf46e80f12b9cfc33f0d6fb91161858db63bf2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Jan 2023 09:52:40 GMT
server: cloudflare
x-amz-request-id: AWBW99Q8XBYYMJKJ
age: 2192801
etag: W/"8dad8d1d317fa44207745e8e4de403f3"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f18392bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: JnZVreoKEU4CVYhfTgLJilYJ1Te5KR5l6p9Q7lN/Aq2xcPKgNCRrD/ceKp5JyK0yXw/VcMyuZEk=

GET
H3 200 4465.2da4b21457795bbcb224.js Show response
static.fundraiseup.com/ 16 KB
5 KB 53ms
53ms Script
text/javascript 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/4465.2da4b21457795bbcb224.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d2886bd9633614714dd61b6b9ea8e2b332ebbf6a490a15c96ae907570e97d7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 22 Feb 2023 09:46:19 GMT
server: cloudflare
x-amz-request-id: 8ZSTEMQJK4FQ47Z7
age: 553752
etag: W/"5e14b8b7747672fe2543ffe3f19dc0ec"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: max-age=2678400
cf-ray: 7a0bc52f183c2bf7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: VeTeomTRrxztKJZXHsTUN9dG+ry5YzvR5BAIQ2j8Ff8Wr5P47eKxgi+uJ5DU9rXoGYEPUv6FUhY=

GET
H2 200 /
ucarecdn.com/a6f1a362-c970-47b7-825f-aa557c6f0250/-/resize/470x/-/format/auto/ Frame B6E0 23 KB
24 KB 270ms
129ms Image
image/webp 2a02:26f0:11a::6867:487b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/a6f1a362-c970-47b7-825f-aa557c6f0250/-/resize/470x/-/format/auto/
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:487b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c008896292016baa9b3c3f97e27019934f82e705221b343f9e64dec8156d029b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
x-image-width: 470
server: nginx
etag: "766c349a0ec4b3cc32a0311960c9a611"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31010747
content-disposition: inline
x-image-height: 263
content-length: 23760

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame B6E0 56 KB
56 KB 449ms
420ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.60bddc71096815d0d15a.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: FBS0YYZB8G44Y9B3
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: vBGvVYcb1/Co19XGsB2/+Hztmdo+N1SUxc/V9rH0LGl27NzpD6UTh8QOKZDEP0Eu6D5W9ngXyIE=
last-modified: Tue, 28 Feb 2023 09:29:30 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc52f5fcb3734-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame B6E0 52 KB
52 KB 447ms
419ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c4db12b4fb0be67f4f37.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: FBSDM32K8YZG4QQV
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: mWqFIxIC8wBSZKkSjz7Q/tSLPQEWYeGFvfH2q+fL7xSRaJnP4uHdwyaWmbwJUMx6vfv+dpLK7W8=
last-modified: Tue, 28 Feb 2023 09:29:31 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc52f5fca3734-FRA

GET
H2 200 /
ucarecdn.com/c271af36-8be4-4349-ae87-f365629a2e5c/-/resize/x50/-/format/auto/ Frame B6E0 2 KB
3 KB 265ms
127ms Image
image/webp 2a02:26f0:11a::6867:487b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ucarecdn.com/c271af36-8be4-4349-ae87-f365629a2e5c/-/resize/x50/-/format/auto/
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:11a::6867:487b Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f408a11ada757c644ea8a39faa5475b727830cb715c17b5d2c70be24275751c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
x-image-width: 194
server: nginx
etag: "eeed9c67da3bb4a8cef8ccfb7c0e5645"
vary: accept
access-control-allow-methods: HEAD, GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Etag, X-Image-Width, X-Image-Height, X-Image-Acceptable-Original, X-Image-Acceptable-Improved
cache-control: public, max-age=31363770
content-disposition: inline
x-image-height: 50
content-length: 2322

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2
static.fundraiseup.com/src/fonts/ibm-plex-sans/ Frame B6E0 55 KB
56 KB 423ms
415ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/src/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-500.e17268930006027a6a07.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: MISS
x-amz-request-id: FBS7XPZK7FT6SAXQ
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56460
x-amz-id-2: 95L683gKKre4CTMo4JZys4438CMJdM3rdVPm3323kyHeJLV6fA7oy8NIHCoC5zll2MvPCKxMJK0=
last-modified: Tue, 28 Feb 2023 09:29:30 GMT
server: cloudflare
etag: "cc65a7d46bec1bcadfd3a27d571765f5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc52f5fe23734-FRA

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame C09B 200 B
1 KB 25ms
25ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3010
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 19:14:27 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 24 Feb 2023 18:09:16 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: bLplQxqQyii9NZBCKIR9Qzs_Xv8g-pL4qWv4ztA27gSIhFqywGznYw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
632 B 176ms
47ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2028%20Feb%202023%2020%3A04%3A36%20GMT&n=0&b=Welcome%20to%20the%20Obama%20Foundation&.yp=10087674&f=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&enc=UTF-8&yv=1.13.0&tagmgr=gtm

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Feb 2023 20:04:36 GMT

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 2018 52 KB
52 KB 82ms
82ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-regular.c9e466876957.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: Y22J0P4KYVSSMAF2
age: 1592353
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53064
x-amz-id-2: maLZGpe1urwUKQ/zshjC7sxV5g/fLLYoikAaWaZN7xXnDwU+WBy+LuIRF+TOA3kTUz7gYXURGsE=
last-modified: Fri, 10 Feb 2023 09:23:31 GMT
server: cloudflare
etag: "c9e466876957e9d2128f63b225a81ae3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc53029383734-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 2018 56 KB
56 KB 60ms
60ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: NT08R0GK2Q4Z73R4
age: 2364912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: v/GvxEKBemHRwEyqCNlDBDV3xvAL9BlltNR8pAFFj+7VhXZA518iGhgsdaNrh0kCWpPKLb8r+/8=
last-modified: Wed, 01 Feb 2023 09:25:01 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc53029393734-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 61A4 56 KB
56 KB 37ms
37ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: NT08R0GK2Q4Z73R4
age: 2364912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: v/GvxEKBemHRwEyqCNlDBDV3xvAL9BlltNR8pAFFj+7VhXZA518iGhgsdaNrh0kCWpPKLb8r+/8=
last-modified: Wed, 01 Feb 2023 09:25:01 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc530293a3734-FRA

GET
H3 200 ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2
static.fundraiseup.com/fonts/ibm-plex-sans/ Frame 8976 56 KB
56 KB 116ms
116ms Font
application/octet-stream 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.fundraiseup.com/fonts/ibm-plex-sans/ibm-plex-sans-v8-vietnamese_latin-ext_latin_greek_cyrillic-ext_cyrillic-600.643ad5d92cd7.woff2

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
Origin: https://www.obama.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: HIT
x-amz-request-id: NT08R0GK2Q4Z73R4
age: 2364912
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56996
x-amz-id-2: v/GvxEKBemHRwEyqCNlDBDV3xvAL9BlltNR8pAFFj+7VhXZA518iGhgsdaNrh0kCWpPKLb8r+/8=
last-modified: Wed, 01 Feb 2023 09:25:01 GMT
server: cloudflare
etag: "643ad5d92cd7c31076790077c3003abc"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 7a0bc53039483734-FRA

GET
H2 200 controller-55c85297e1045b45d2cd78c181485ee7.html Show response
js.stripe.com/v3/ Frame E179 325 B
1 KB 24ms
24ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d10227d01614d33e34a740a32929484deb22745e1fcfdbe180bfb5e8a2737344

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 30
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 20:04:07 GMT
etag: "55c85297e1045b45d2cd78c181485ee7"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: wMGAyBM2_zQ6PIMJzblQPNrAlNiFPos1ETyLWBRdeC-0ZIP1lY2C8w==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame C09B 0
600 B 1036ms
595ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame C09B 0
600 B 1037ms
596ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame C09B 631 B
1 KB 26ms
26ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 19:37:13 GMT
x-content-type-options: nosniff
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1645
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 24 Feb 2023 18:09:15 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: WTRQ4IZETrrBrLo1aMG_vq88C7TvS--sHynNI8QcIQBO-n03juy5MQ==

POST
H2 200 csp-report
q.stripe.com/ Frame E179 0
600 B 973ms
587ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E179 319 KB
76 KB 25ms
24ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 1AQQV-4hYCZV2GZvVaG73DyItX6cZ5gKNqFvbUePY14JiFSb-Rw0bg==

GET
H2 200 controller-e59dc56066b0b5e7a04a44e90d2f6e7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E179 473 KB
125 KB 32ms
31ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e59dc56066b0b5e7a04a44e90d2f6e7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a7a68e4b41c490a4bcebeba70c7350835bc39bf82b2199776c0ac7d92b56f3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:27:10 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2253
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:31 GMT
server: Cloudfront
etag: W/"d7d38a5a4c06675a8a8db9e254d1afd0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: r6mx5gNzIQ-CUtwTK-jNbSxZa4FMhumqjblEvaKAyHAPWd7i1gu8nw==

GET
H2 200 controller-55c85297e1045b45d2cd78c181485ee7.html Show response
js.stripe.com/v3/ Frame 37DC 325 B
1 KB 26ms
26ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

d10227d01614d33e34a740a32929484deb22745e1fcfdbe180bfb5e8a2737344

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 30
cache-control: max-age=60
content-length: 325
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 20:04:07 GMT
etag: "55c85297e1045b45d2cd78c181485ee7"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: 5wkIGt1bEkOhPBUE-A0YxGaFIJ2C9-961hqDrOkzO-5rkN8-l0Qluw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html Show response
js.stripe.com/v3/ Frame 9B00 798 B
2 KB 29ms
29ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

403c43abc1e3484dc97f0936c0f33177805ddbd349ad4af011df891525797aa4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2332
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 19:25:48 GMT
etag: "95d5b06b50c1328f069602a0c0560d88"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: Y1BRrZCGDOvzUJ6bo-NM11VmvFU8bkl9fEiYwY_orNXGZLk2zcqGBw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html Show response
js.stripe.com/v3/ Frame E6FF 798 B
2 KB 30ms
29ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

403c43abc1e3484dc97f0936c0f33177805ddbd349ad4af011df891525797aa4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2332
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 19:25:48 GMT
etag: "95d5b06b50c1328f069602a0c0560d88"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: 9ml3p6XuzgE_sexOcMQmZ3gtWBJmQqHeN7zEGYyKf8TjvbVKRwGiOg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html Show response
js.stripe.com/v3/ Frame ADCA 798 B
2 KB 30ms
28ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

403c43abc1e3484dc97f0936c0f33177805ddbd349ad4af011df891525797aa4

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2332
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 19:25:48 GMT
etag: "95d5b06b50c1328f069602a0c0560d88"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: six67ArbCNOIsRHbIsqrz5eAKkeAMXE5_m6nnbTa4kliwSOU9P3pCw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html Show response
js.stripe.com/v3/ Frame F63D 820 B
2 KB 29ms
28ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

dfa766aa921e523146098a444add69367af28bf1ab303b5e0d16beb67bc9622f

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1670
cache-control: max-age=31536000
content-length: 820
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 19:38:07 GMT
etag: "6d9793576462b7a1fb0943a243532fc7"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: 06yiToITJnnA-aY1d7VOipQPycgtq6ytHH6A2eJ9BNgwL7jL5nG-cg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 elements-inner-iban-a1000e1558bba459469af772fa774f6d.html Show response
js.stripe.com/v3/ Frame 9C6C 798 B
2 KB 29ms
28ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

e5694336d8e6b9d1bd8d84585dae0be9f618d2b0db9c87e0f61249b29c451972

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 224
cache-control: max-age=31536000
content-length: 798
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 20:00:53 GMT
etag: "a1000e1558bba459469af772fa774f6d"
last-modified: Mon, 27 Feb 2023 23:10:22 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: tTLHeax3L-21VqLbCe9MgeisBQ0EwVAmJUGG2Y0k138kSAUtc1V6Dg==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 tb
fndrsp.net/ 2 B
263 B 164ms
164ms Ping
text/plain 172.67.71.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.71.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Q%2Fs%2BdJhYXP7qE84M80indW70Zu52%2FTTAuuvL2uIvFY7mi024BSR3SHmopM7WqHUQXtpIooHNIDz0r1RQwEpPrBgondV8CbZ%2B5JSpDT8nMEBr495dAXOwmyIdcQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.obama.org
access-control-allow-credentials: true
cf-ray: 7a0bc5311ec339d0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FF39 930 B
2 KB 116ms
22ms Document
text/html 2600:9000:20eb:ba00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ba00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 160
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 20:01:59 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-id: iZ9nvsok9BHWhaD8POCB8YCgKqSi_9gQVez2FJ1warjRX7m7fzG0Rw==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame 37DC 0
601 B 694ms
392ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 37DC 319 KB
76 KB 25ms
25ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PXxC0Wv9PFGpNQ8nm5bjRLoipR5NVM11OAb4XVhxt2rR-k6EhBoxtw==

GET
H2 200 controller-e59dc56066b0b5e7a04a44e90d2f6e7d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 37DC 473 KB
125 KB 29ms
29ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-e59dc56066b0b5e7a04a44e90d2f6e7d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a7a68e4b41c490a4bcebeba70c7350835bc39bf82b2199776c0ac7d92b56f3d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:27:10 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2253
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:31 GMT
server: Cloudfront
etag: W/"d7d38a5a4c06675a8a8db9e254d1afd0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 8CXhJajCb-ehKAnl0aNZgvwJ0M8Zs1l2eroV13K_b3CLsqjgwBPfzQ==

POST
H2 200 csp-report
q.stripe.com/ Frame 9B00 0
601 B 896ms
597ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 12
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9B00 0
600 B 894ms
595ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 6
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9B00 319 KB
76 KB 34ms
33ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: vdJKQiCJXZ-OL4fmttlu9PTWvGIz7kUCK_HpXVGiSthVviE53siBlQ==

GET
H2 200 ui-shared-b2b9149975402400795d8548ec504366.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9B00 252 KB
71 KB 38ms
37ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b2b9149975402400795d8548ec504366.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

343db0325f1e727022e535398cdc712e02650aa90fe48bc82123aeca7b8703bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:13:08 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3104
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"ec912b127c2ee046bdc9ce838ae30ba2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: zAb0NJn85nfyXhA3t8-nNfUtpKsPoMitfsS43DrwMRsh-J-k6GuiIQ==

GET
H2 200 elements-inner-card-6915a0489488a457944836b9314eff3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9B00 51 KB
14 KB 48ms
46ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-6915a0489488a457944836b9314eff3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a0be60fe2decc45ea161e6b9e5c8a941596922f6f257446154b285a09686c5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:54:02 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 666
x-cache: Hit from cloudfront
last-modified: Fri, 24 Feb 2023 18:09:14 GMT
server: Cloudfront
etag: W/"d144f814d65d49b56cc7fe1156b1b193"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Uv3co-1JtAAMRzwbEkCsn81OwDyvIAV8gfdJaIKKW_d-n_J_2g1k_g==

GET
H2 200 ui-shared-85753171c8d8f8c43373533378523ceb.css
js.stripe.com/v3/fingerprinted/css/ Frame 9B00 19 KB
3 KB 37ms
37ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-85753171c8d8f8c43373533378523ceb.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

19ed27e6bee17eaf798476094b6511e294b1a0a2ebd88be4269fea5aa241ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:04 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 585
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"82027d2c3c67940f36bfe1b504825c7c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: Yu70IN-2YtvRFQI7UG8zf4D6rnMiEYXBUEHyoZR5McIoALL2uCRmUg==

GET
H2 200 elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css
js.stripe.com/v3/fingerprinted/css/ Frame 9B00 9 KB
2 KB 41ms
41ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b6232d62c63a5696999302aa4d0e1658285106b3db3c836160cc679209cfd7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:56 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 530
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"bfae2292884299f0218902960aa79996"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ogf9kBx0VeNu6AQpUm5O5JJBhw4Ev5r6tKgtJPeV2zs5Iaq3xoyzRQ==

GET
H3 200 token Show response
api.fundraiseup.com/paymentSession/8262864231973063929/googlePay/ 235 B
526 B 184ms
184ms XHR
text/plain 104.22.5.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fundraiseup.com/paymentSession/8262864231973063929/googlePay/token?merchantOrigin=www.obama.org

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.22.5.171 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

568ea4935e5f4ebc03b89ba3df481a1bbff0c2b536b29bf5e5b577c9b213632a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' fundraiseup.com
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Tue, 28 Feb 2023 20:04:36 GMT
content-security-policy: frame-ancestors 'self' fundraiseup.com
content-encoding: br
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-response-time: 56ms
pragma: no-cache
server: cloudflare
vary: Origin
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7a0bc5313c562bf7-FRA
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E6FF 0
600 B 684ms
394ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame E6FF 0
601 B 887ms
598ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6FF 319 KB
76 KB 33ms
32ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: UoZZFGA-d_8gVDrmbdt7oWeeSXecbKZOADv0Po8hPhjbh4w3mwdHrg==

GET
H2 200 ui-shared-b2b9149975402400795d8548ec504366.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6FF 252 KB
71 KB 38ms
37ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b2b9149975402400795d8548ec504366.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

343db0325f1e727022e535398cdc712e02650aa90fe48bc82123aeca7b8703bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:13:08 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3104
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"ec912b127c2ee046bdc9ce838ae30ba2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: U9izktgK_K18FfOzuYO4DTA_NBwVWauBU6BAuZYneUiPJeV8gOEZKg==

GET
H2 200 elements-inner-card-6915a0489488a457944836b9314eff3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame E6FF 51 KB
14 KB 47ms
45ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-6915a0489488a457944836b9314eff3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a0be60fe2decc45ea161e6b9e5c8a941596922f6f257446154b285a09686c5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:54:02 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 666
x-cache: Hit from cloudfront
last-modified: Fri, 24 Feb 2023 18:09:14 GMT
server: Cloudfront
etag: W/"d144f814d65d49b56cc7fe1156b1b193"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SG-gZWmkPHvFTVqUpFqAuJN4HQgOUcdWv-pyo3xBeoug4vMnayBI8g==

GET
H2 200 ui-shared-85753171c8d8f8c43373533378523ceb.css
js.stripe.com/v3/fingerprinted/css/ Frame E6FF 19 KB
3 KB 37ms
36ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-85753171c8d8f8c43373533378523ceb.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

19ed27e6bee17eaf798476094b6511e294b1a0a2ebd88be4269fea5aa241ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:04 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 585
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"82027d2c3c67940f36bfe1b504825c7c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: ZKY5gtENtxcjgfvEPY3qjr08UQ3X_gAk9uvEVIz-iZuvss_1MTyZGQ==

GET
H2 200 elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css
js.stripe.com/v3/fingerprinted/css/ Frame E6FF 9 KB
2 KB 37ms
37ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b6232d62c63a5696999302aa4d0e1658285106b3db3c836160cc679209cfd7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:56 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 530
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"bfae2292884299f0218902960aa79996"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: nLmZ8WCEX4E5W7L17GO2KvtpNdzvWjQdwOKCrsQEVS_oYpv3ZaCFTA==

POST
H2 200 csp-report
q.stripe.com/ Frame ADCA 0
601 B 883ms
598ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame ADCA 0
601 B 883ms
597ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 11
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ADCA 319 KB
76 KB 40ms
39ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: OQyedROINY-HgbP1k1L59KqMpSsSLBjDXHQgLSLWPGHPyI-f4iK0Tw==

GET
H2 200 ui-shared-b2b9149975402400795d8548ec504366.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ADCA 252 KB
71 KB 47ms
46ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b2b9149975402400795d8548ec504366.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

343db0325f1e727022e535398cdc712e02650aa90fe48bc82123aeca7b8703bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:13:08 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3104
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"ec912b127c2ee046bdc9ce838ae30ba2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: eRR3Rv-UeeNo8PbwUqsiNiwU9RX97cQNJmsD5KjYAHcP0i5CamblCA==

GET
H2 200 elements-inner-card-6915a0489488a457944836b9314eff3c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame ADCA 51 KB
14 KB 49ms
47ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-6915a0489488a457944836b9314eff3c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a0be60fe2decc45ea161e6b9e5c8a941596922f6f257446154b285a09686c5d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:54:02 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 666
x-cache: Hit from cloudfront
last-modified: Fri, 24 Feb 2023 18:09:14 GMT
server: Cloudfront
etag: W/"d144f814d65d49b56cc7fe1156b1b193"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: kd3uNWrX20_K0X983mG4kWSxbfemc3PZpHewKSqIGcM0p9ZM4gzSTA==

GET
H2 200 ui-shared-85753171c8d8f8c43373533378523ceb.css
js.stripe.com/v3/fingerprinted/css/ Frame ADCA 19 KB
3 KB 43ms
42ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-85753171c8d8f8c43373533378523ceb.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

19ed27e6bee17eaf798476094b6511e294b1a0a2ebd88be4269fea5aa241ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:04 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 585
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"82027d2c3c67940f36bfe1b504825c7c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: R8u69OYa1Q3M3pjiK0-5QfBElvp8juZdp1IzGMwwFo-Y2UlIYiP3ew==

GET
H2 200 elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css
js.stripe.com/v3/fingerprinted/css/ Frame ADCA 9 KB
2 KB 54ms
54ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-a8c69ab9ca72b4bf75901aec8c50690c.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b6232d62c63a5696999302aa4d0e1658285106b3db3c836160cc679209cfd7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:56 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 530
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"bfae2292884299f0218902960aa79996"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: SOqXAtw9aHg_ihFy40_3Ho1KQYo_4hE_tjhw0Ob9-ONerAz7yNUNJQ==

POST
H2 200 csp-report
q.stripe.com/ Frame F63D 0
600 B 675ms
394ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F63D 0
600 B 878ms
596ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 5
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F63D 319 KB
76 KB 46ms
46ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: 0QO2IuE7wsXVnq_3WbDhvdWS4XKZ1gr3mZXmuVgP2er-KOU85_YAsA==

GET
H2 200 ui-shared-b2b9149975402400795d8548ec504366.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F63D 252 KB
71 KB 52ms
52ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b2b9149975402400795d8548ec504366.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

343db0325f1e727022e535398cdc712e02650aa90fe48bc82123aeca7b8703bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:13:08 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3104
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"ec912b127c2ee046bdc9ce838ae30ba2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: TSnsLrV9LzZXfeBZkjfj3AIMlE_Oud7QZdrJI5C48TZR6e5ySKE8Fg==

GET
H2 200 elements-inner-au-bank-account-620ee8794b6bdc1b64924f0cbbb936ac.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F63D 18 KB
6 KB 50ms
48ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-au-bank-account-620ee8794b6bdc1b64924f0cbbb936ac.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

cb73f1531ea14b39afbb37ace24168a2903c5ede501c9b20546630c0403c8b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:40:49 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1533
x-cache: Hit from cloudfront
last-modified: Fri, 17 Feb 2023 15:19:08 GMT
server: Cloudfront
etag: W/"919ae99f2e4b3ccfe49ec81334d025a1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: qN4mmVPK-atrBYtVAxZnnh8QQeY62kJRkCHmHTjuvnVpapb65FhWGw==

GET
H2 200 ui-shared-85753171c8d8f8c43373533378523ceb.css
js.stripe.com/v3/fingerprinted/css/ Frame F63D 19 KB
3 KB 49ms
48ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-85753171c8d8f8c43373533378523ceb.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

19ed27e6bee17eaf798476094b6511e294b1a0a2ebd88be4269fea5aa241ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:04 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 585
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"82027d2c3c67940f36bfe1b504825c7c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xNKTzqCrGejZD_FGC_m2z1TBIbem6SNdzJtvOwI9PNgAohkzHkNuEQ==

GET
H2 200 elements-inner-au-bank-account-57fba3d32760450908b133bd3a67dfe9.css
js.stripe.com/v3/fingerprinted/css/ Frame F63D 803 B
1 KB 54ms
54ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-au-bank-account-57fba3d32760450908b133bd3a67dfe9.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

b3317edb36ae2953f386b91e2dd78698347bcfe17cfb655a27e150763f7905b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 19:38:27 GMT
x-content-type-options: nosniff
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1570
x-cache: Hit from cloudfront
content-length: 803
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: "df8aa0b0d19ae07d20c3a5f512eac71d"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: SX7wUxYNG2xjwfvF6M8bUHXnhNwxXNbDRQStGwc1au0C6pL2hnerKw==

POST
H2 200 csp-report
q.stripe.com/ Frame 9C6C 0
600 B 674ms
396ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 9C6C 0
600 B 672ms
394ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-ad4599315191d0a39d7abaaa2d772bd3.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C6C 319 KB
76 KB 47ms
46ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:46:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2254
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"5f3018a2772a209fb33d8ed85d37d44f"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PKhcJs61VSxm6NEJ97K7o9XTCdOwnm0USpD9QdFzqYeheCB0EL62HA==

GET
H2 200 ui-shared-b2b9149975402400795d8548ec504366.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C6C 252 KB
71 KB 52ms
51ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/ui-shared-b2b9149975402400795d8548ec504366.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

343db0325f1e727022e535398cdc712e02650aa90fe48bc82123aeca7b8703bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:13:08 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 3104
x-cache: Hit from cloudfront
last-modified: Mon, 27 Feb 2023 23:10:33 GMT
server: Cloudfront
etag: W/"ec912b127c2ee046bdc9ce838ae30ba2"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: aUViDJUInG7Ceu4jS26vxK9QmJ27Jq0GOF0KdOmBrwZlHllHW7_yzQ==

GET
H2 200 elements-inner-iban-0fd013d801b9b39efbc7d77a57395593.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 9C6C 19 KB
7 KB 49ms
48ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/elements-inner-iban-0fd013d801b9b39efbc7d77a57395593.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f2c2dda80d72a773b9dd17e147d2a6e31a866bc24afc92fbb9b9c96bae867640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:52:57 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 701
x-cache: Hit from cloudfront
last-modified: Fri, 17 Feb 2023 15:19:08 GMT
server: Cloudfront
etag: W/"7aa1b03a1d51f24a38231a384fca78f1"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: wWC1g9zJD01yuQngQnCyOaGnhRiPb1xTvbtOAt1qWQgOPaF03VhhqA==

GET
H2 200 ui-shared-85753171c8d8f8c43373533378523ceb.css
js.stripe.com/v3/fingerprinted/css/ Frame 9C6C 19 KB
3 KB 46ms
45ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/ui-shared-85753171c8d8f8c43373533378523ceb.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

19ed27e6bee17eaf798476094b6511e294b1a0a2ebd88be4269fea5aa241ccd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 19:55:04 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 585
x-cache: Hit from cloudfront
last-modified: Tue, 21 Feb 2023 20:15:30 GMT
server: Cloudfront
etag: W/"82027d2c3c67940f36bfe1b504825c7c"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: xoFiiDSzis9Ox_7nv8jr73GRHQDurGmiW5w9un_1igkmsSb-CRL5-Q==

GET
H2 200 elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css
js.stripe.com/v3/fingerprinted/css/ Frame 9C6C 485 B
980 B 48ms
48ms Stylesheet
text/css 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/css/elements-inner-iban-3e7da55d4a3877ba3c3a89df8f9b29bc.css

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 20:01:28 GMT
x-content-type-options: nosniff
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 199
x-cache: Hit from cloudfront
content-length: 485
last-modified: Fri, 24 Feb 2023 18:09:06 GMT
server: Cloudfront
etag: "f6ff2b5ca153d43c332b4e54c118e3d0"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: gIZFfpGGt89WPn-_F4qvaxEQHxyX2puYyN_nslB4U6lAlFMpFyywyg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E179 474 B
864 B 73ms
26ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: QxcOt5WmmgD5DxlWqcN-0RlvifAcniaeuOsO7S5w7XyT_3Cy-XXmPg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 37DC 474 B
863 B 66ms
37ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-55c85297e1045b45d2cd78c181485ee7.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: HDPvXPhYDR48Vg3El0x-87rhHv1xCayGh1oKHeYaYGAiQgcOBZUgDw==

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 35ms
35ms Script
text/javascript 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 19:51:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 797
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Feb 2023 20:51:19 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 21ms
20ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1571499566196065&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&rl=&if=false&ts=1677614676774&cd[content_name]=Email_2023_February&cd[content_ids]=%5B%22FUNJCUFXUZQ%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677614676290.1758642606&it=1677614675777&coo=false&eid=event.1677614676773.7339205&rqm=GET

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 28 Feb 2023 20:04:36 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 csp-report
q.stripe.com/ Frame FF39 0
374 B 563ms
395ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 3
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame E6FF 474 B
863 B 26ms
26ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: Pn0sb4XNJ3nKzMdLYyJOWhvYagZBNav2iy2U4E2mOnTZyveti8NAHg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9B00 474 B
864 B 24ms
24ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: mMsP7TQX0OqgIjj6TBJmS5FoYjK7q6rBnxeYVeNncTwlZ9Fyzh89pA==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame 9C6C 474 B
863 B 26ms
26ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-iban-a1000e1558bba459469af772fa774f6d.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: CdO-JYsjaQqCU8MzC9tyjM25BxbFztM4JI70w7DTJ1hH_3pEqMu1Mg==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame F63D 474 B
864 B 26ms
25ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: TnkQ4QIfr0-3LMsi3JAcZkq0kXwKA4FVEeXPHiBBWr172USL5PXhgQ==

GET
H2 200 banks-a7d997c53ff554cc3ec0247e0c61fa42.json Show response
js.stripe.com/v3/fingerprinted/data/ Frame F63D 4 KB
2 KB 624ms
624ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/data/banks-a7d997c53ff554cc3ec0247e0c61fa42.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

4a9508d1b930239dc0fa249afc784febd3ba9b3506f8e258585a87e7de05a6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-au-bank-account-6d9793576462b7a1fb0943a243532fc7.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:04:38 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: RefreshHit from cloudfront
last-modified: Fri, 24 Feb 2023 18:09:07 GMT
server: Cloudfront
etag: W/"a7d997c53ff554cc3ec0247e0c61fa42"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=31536000
timing-allow-origin: *
x-amz-cf-id: dK3ThvRcG0_z3tM-WW6A2_ldXFjr1tVzogIBuEnXhMMfnJZNFR3H9g==

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame ADCA 474 B
863 B 26ms
26ms Fetch
application/json 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.stripe.com/v3/.deploy_status_henson.json
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-76.fra6.r.cloudfront.net
Software: Cloudfront /
Resource Hash: ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/elements-inner-card-95d5b06b50c1328f069602a0c0560d88.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 28 Feb 2023 20:04:18 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
last-modified: Mon, 27 Feb 2023 23:39:09 GMT
server: Cloudfront
x-amz-cf-pop: FRA6-C1
age: 19
etag: "1bde4ede172d95520e42c6eebc0ab657"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
content-length: 474
x-amz-cf-id: 4WWhuQN732i8u5BOjFOnoYtNh3MbsT-BAEF5VLBWtOuATsdbopqJKw==

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FF39 86 KB
14 KB 23ms
23ms Script
text/javascript 2600:9000:20eb:ba00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ba00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:01:21 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 199
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: NR2nY_ymQbSj10Nkt3esq5iu7jq1arOk07ARBDLznGYb1QG5kbtofQ==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X85NK84B9X&gtm=45je32m0&_p=1576700991&cid=1631881306.1677614676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&_s=2&sid=1677614675&sct=1&seg=0&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&dt=Welcome%20to%20the%20Obama%20Foundation&en=form_start&_c=1&ep.form_id=&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.facebook.com%2Ftr%2F&epn.form_length=23&_et=1321
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 28ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-X85NK84B9X&gtm=45je32m0&_p=1576700991&cid=1631881306.1677614676&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAE&_s=3&sid=1677614675&sct=1&seg=0&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&dt=Welcome%20to%20the%20Obama%20Foundation&en=form_submit&_c=1&ep.form_id=&ep.form_name=&ep.form_destination=https%3A%2F%2Fwww.facebook.com%2Ftr%2F&epn.form_length=23
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.obama.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/ Show response
www.facebook.com/tr/ Frame 53BC
Redirect Chain

https://www.facebook.com/tr/
https://www.facebook.com/tr/?redirect=0

0
15 B

20ms
20ms

Document
text/plain

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/?redirect=0

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.obama.org
Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 20:04:37 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: 0
location: /tr/?redirect=0
pragma: no-cache
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 115 KB
35 KB 129ms
72ms Script
application/javascript 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6830154fd8143d0de84ddc9467b398c290b0ab9dcfcae40a33b93562f2120609

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-9c09072Vpd8fw3fQmv5vUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-9c09072Vpd8fw3fQmv5vUQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 28 Feb 2023 20:04:37 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 331ms
259ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 332ms
261ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 528ms
457ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 538ms
467ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 519ms
449ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 525ms
455ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 519ms
450ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
35ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1576700991&t=pageview&_s=2&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&dp=%2F%23FUNJCUFXUZQ%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&ul=en-us&de=UTF-8&dt=Welcome%20to%20the%20Obama%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aDDACEIJBAAAACAMI~&jid=&gjid=&cid=1631881306.1677614676&tid=UA-90041815-1&_gid=1498159981.1677614676&z=127177982

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 21:14:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82237
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
35ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1576700991&t=event&_s=3&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&dp=%2F%23FUNJCUFXUZQ%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&ul=en-us&de=UTF-8&dt=Welcome%20to%20the%20Obama%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Fundraise%20Up%20Checkout%20Events&ea=Fundraise%20Up%20Checkout%20Open&el=Email_2023_February%20(FUNJCUFXUZQ)&_u=aDDACEIJBAAAACAMI~&jid=&gjid=&cid=1631881306.1677614676&tid=UA-90041815-1&_gid=1498159981.1677614676&z=89588580

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 21:14:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82237
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 521ms
456ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 519ms
455ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 520ms
456ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 517ms
453ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 522ms
458ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 521ms
457ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 514ms
451ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 517ms
454ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 322ms
260ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 525ms
463ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 527ms
465ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 526ms
464ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 527ms
466ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 525ms
464ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 526ms
466ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 527ms
467ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 529ms
469ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 531ms
472ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 530ms
471ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 524ms
466ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 529ms
471ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 524ms
468ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 522ms
468ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 522ms
470ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 521ms
469ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 517ms
467ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 520ms
470ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 518ms
470ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 516ms
469ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 517ms
470ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 278ms
261ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 486ms
468ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame 37DC 0
156 B 481ms
465ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 6 Show response
m.stripe.com/ Frame FF39 156 B
553 B 633ms
196ms XHR
application/json 54.190.190.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.190.190.30 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-190-30.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

747fd2e73da87fd30b40669b7014c11bb6856f46e438c8c92e545f5ef57faf4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame FD0A 18 KB
8 KB 220ms
220ms Document
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.obama.org&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0ca109dfb3f664221350b0bf9e3f3a9dc6830855c59f220e71445d0b09eba7b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kyX-K220Fn36nUUfwbDW1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-kyX-K220Fn36nUUfwbDW1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/11033627332/ 3 KB
2 KB 36ms
34ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/11033627332/?random=1677614677319&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-X85NK84B9X&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e983a965c44715b07d51f2bd884baf2577dbe26fe1b3aabf406cb9033e78ef75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1619
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/11033627332/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMS...
https://www.google.com/pagead/1p-conversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googlead...
https://www.google.de/pagead/1p-conversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleads...

42 B
64 B

67ms
66ms

Image
image/gif

2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFWMXNRWWEyOS1GVXpzaVctb0FwcDBIR1R4T2kyTXhpcHNBdEtrdXdxZHRDQjV0Y2djMGtkWEE&is_vtc=1&ocp_id=VV7-Y4vaFPjEmLAPqK2jUA&cid=CAQSKQDUE5ymUmrl2E8TvnhDdutxaydgQaCQgbcrIbSNTX3jM2rGIeA2Jo9F&random=4014176239&ipr=y&prhg=0&ezwbk=AZuM4hDEDt-gzAYDL8Ye9-zxJsNFz2s4D9YCXmM4GyryUwkTblo9UvS9jXkCDlIcOojyBuX5GWcFzHO0M1mhG0V6c57T

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/11033627332/?random=816794189&cv=11&fst=1677614677319&bg=ffffff&guid=ON&async=1&gtm=45je32m0&u_w=1600&u_h=1200&label=AYO2CKnI5u4DEMSVn40p&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&tiba=Welcome%20to%20the%20Obama%20Foundation&auid=143939513.1677614676&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJZ09uMm53WVFpWVduLWEzeXhOTWJFaVVBV0VkcVk4azNsVmtuSTJqQUJ2OEtmNjl2QUdSMHpwZWNOWHU1Y1pWOVlhNWExUXdzGldDaEFJZ09uMm53WVFrb3VBMmVlU3A2MURFaTBBVVVieFFWMXNRWWEyOS1GVXpzaVctb0FwcDBIR1R4T2kyTXhpcHNBdEtrdXdxZHRDQjV0Y2djMGtkWEE&is_vtc=1&ocp_id=VV7-Y4vaFPjEmLAPqK2jUA&cid=CAQSKQDUE5ymUmrl2E8TvnhDdutxaydgQaCQgbcrIbSNTX3jM2rGIeA2Jo9F&random=4014176239&ipr=y&prhg=0&ezwbk=AZuM4hDEDt-gzAYDL8Ye9-zxJsNFz2s4D9YCXmM4GyryUwkTblo9UvS9jXkCDlIcOojyBuX5GWcFzHO0M1mhG0V6c57T
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame FD0A 2 KB
2 KB 137ms
137ms Other
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.obama.org&mid=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H3 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMit... Frame FD0A 156 KB
55 KB 64ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjY_EpcBYJ6W36GFk2_Oqla6GW2pw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwww.obama.org&mid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37d8404bd30edcf0b126f31072d2f0be1f966431542a35ad8051bcbcb3e489bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94827
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56106
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 08:24:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 17:44:10 GMT

GET
H3 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ... Frame FD0A 70 KB
26 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ84B5BMT0.L.B1.O/am=MAYAAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjlcRA3YFhZ_QWMrqwrGP6_p1QZZA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/am=MAYAAg/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrjY_EpcBYJ6W36GFk2_Oqla6GW2pw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47afc8b6993bd9e34f5fdb477777a82387edfe5969490cab1523d0349baf0276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26177
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 17:54:03 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame FD0A 1 MB
383 KB 80ms
80ms XHR
text/html 2a00:1450:400c:c00::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c00::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e112fa64a18264f307930c08c90c92097f99dfb0808d55bcf6a7614d78bb44f0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9hy3uUjXuAjddPQdQwtQUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-9hy3uUjXuAjddPQdQwtQUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 28 Feb 2023 20:04:37 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ... Frame FD0A 23 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ84B5BMT0.L.B1.O/am=MAYAAg/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjlcRA3YFhZ_QWMrqwrGP6_p1QZZA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7a93936ca173df7bd5d2db5fcfcfd8b558b773235ac19b9498ed41772ac5da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9269
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 17:54:03 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ... Frame FD0A 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RV9UreWhqU4.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vpQ84B5BMT0.L.B1.O/am=MAYAAg/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrjlcRA3YFhZ_QWMrqwrGP6_p1QZZA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;yxTchf:KUM7Z;qddgKe:xQtZb;JsbNhc:Xd8iUd;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;Oj465e:KG2eXe;Erl4fe:FloWmf;ul9GGd:VDovNc;sP4Vbe:VwDzFe;a56pNe:JEfCwb;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d480bac1e5cc78f696c16335962c1a46c1b0672b089102b59890eea7ad304b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 17:54:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 94234
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13475
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 06:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 17:54:03 GMT

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
273 B 59ms
56ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
53ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
273 B 60ms
57ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
55ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
273 B 76ms
75ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 102ms
56ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
274 B 60ms
58ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 101ms
55ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
274 B 58ms
56ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 100ms
55ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
273 B 77ms
75ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 100ms
56ms Preflight
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 28 Feb 2023 20:04:37 GMT
expires: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame FD0A 131 B
579 B 102ms
56ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Feb 2023 20:04:37 GMT

GET
H2 200 async-api.6bb277af-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 106ms
27ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Feb 2023 20:04:37 GMT
x-amz-request-id: ZNQ7G23HYJFFEG0A
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1094
x-amz-id-2: 5Qqse1BeTshWTSN2ctEsnE1kyvJIYlUBfWKe01V0Or1hMRWiqQKhrD1Zvl0N+7td6aP7gvzl058=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677614678.731634,VS0,VE2
etag: "dd573d973dfb2a2559befdfb616d511d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 316

GET
H2 200 lazy-loader.48127245-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
1001 B 103ms
24ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Feb 2023 20:04:37 GMT
x-amz-request-id: ZNQC7BN664QTK74M
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 520
x-amz-id-2: YGZXhhZ0s2CUCmfry19xec270AUzzQ8zT2hY6qmZ2UtPTHnaaR4tSYHttPolpqmeWgkk9jfdtqU=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677614678.731234,VS0,VE0
etag: "a3759bbbd15fffd73531bda1e8166ae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 317

GET
H2 200 OF061122SG_0211-scaled.jpg
www.obama.org/wp-content/uploads/ 465 KB
466 KB 67ms
66ms Image
image/jpeg 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/uploads/OF061122SG_0211-scaled.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1378a678a5dafb9bf17d3835a4f6d5ee100b4a51989c7e8f63d55d44af05f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-554c7bcc85-srbgt
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
x-cache-hits: 1, 1
x-cache: HIT, HIT
content-length: 475906
x-served-by: cache-chi-kigq8000097-CHI, cache-hhn-etou8220045-HHN
last-modified: Tue, 21 Feb 2023 13:02:50 GMT
server: cloudflare
x-timer: S1677614678.689364,VS0,VE4
etag: "63f4c0fa-74302"
vary: Accept-Encoding
content-type: image/jpeg
x-styx-req-id: 0ec22ba9-b1e8-11ed-9a84-c2187ed92320
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc5375dab8fef-FRA
expires: Thu, 29 Feb 2024 20:04:37 GMT

GET
H2 200 gettyimages-1463472354-594x594-2.jpeg
www.obama.org/wp-content/uploads/ 161 KB
161 KB 43ms
43ms Image
image/webp 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/uploads/gettyimages-1463472354-594x594-2.jpeg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b49c25320f71850a745b08f9e509d2bb1d44142d04a49fb228ea99aef045c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-f7b495f57-bz6s4
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-content-type-options: nosniff
age: 270853
cf-polished: origFmt=jpeg, origSize=186872
x-cache: HIT, HIT
expires: Thu, 29 Feb 2024 20:04:37 GMT
content-disposition: inline; filename="gettyimages-1463472354-594x594-2.webp"
content-length: 164426
x-served-by: cache-chi-klot8100155-CHI, cache-fra-eddf8230124-FRA
last-modified: Tue, 14 Feb 2023 23:23:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
x-timer: S1677343825.941062,VS0,VE3
etag: "63ec17e2-2d9f8"
vary: Accept, Accept-Encoding
content-type: image/webp
x-styx-req-id: 9e6a711e-acbe-11ed-b46e-becd04e89c84
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc5375dae8fef-FRA
x-cache-hits: 1, 1

GET
H2 200 OF111822JM_031-scaled.jpg
www.obama.org/wp-content/uploads/ 620 KB
621 KB 79ms
79ms Image
image/jpeg 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/uploads/OF111822JM_031-scaled.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53bdb0648f8e3b441f0fe3e315bdfe7a9480563c8fe29628c2eb0405714bd5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-78c9cf5dff-tz827
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: MISS
x-content-type-options: nosniff
x-cache-hits: 92, 1
x-cache: HIT, HIT
content-length: 635162
x-served-by: cache-chi-kigq8000078-CHI, cache-hhn-etou8220039-HHN
last-modified: Wed, 25 Jan 2023 14:14:33 GMT
server: cloudflare
x-timer: S1677614678.691082,VS0,VE18
etag: "63d13949-9b11a"
vary: Accept-Encoding
content-type: image/jpeg
x-styx-req-id: 9abe9b72-9cba-11ed-9540-3ea5c6ff229c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc5375daf8fef-FRA
expires: Thu, 29 Feb 2024 20:04:37 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F544 200 B
1 KB 28ms
27ms Document
text/html 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3011
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 19:14:27 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Fri, 24 Feb 2023 18:09:16 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-id: xyCYFVRpgW7kXS_sfhvAcHCzarIfzkIz_l581eXlSupyGrvs6boJiA==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 2107 0
182 B 269ms
43ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=j40r5zl&ref=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&upid=e9owxxg&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.obama.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Tue, 28 Feb 2023 20:04:37 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

POST
H2 200 0 Show response
r.stripe.com/ Frame E179 0
156 B 199ms
198ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-ad4599315191d0a39d7abaaa2d772bd3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
x-stripe-bg-intended-route-color: blue
date: Tue, 28 Feb 2023 20:04:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H3 200 tb
fndrsp.net/ 2 B
492 B 176ms
175ms Ping
text/plain 172.67.71.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.71.90 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oa37dePb5woGHAzqm2ICd08p0M8knT7oxCnJDvSAWg2uXdA4jNHXijgBZbkJXgQDew7OmxSKRw6oV4jd4JLnIcrlWpnk50Ko%2Fi4F8bO8OWVkU5ZneBcjwExXSPA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.obama.org
access-control-allow-credentials: true
cf-ray: 7a0bc5376d9137fd-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 tb
fndrsp-checkout.net/ 2 B
512 B 581ms
353ms Ping
text/plain 104.26.4.158
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fndrsp-checkout.net/tb

Requested by

Host: cdn.fundraiseup.com
URL: https://cdn.fundraiseup.com/widget/AHNVSXNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.4.158 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 28 Feb 2023 20:04:38 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G0zvuNDh6lbGpMMhXnhT2Qp8YfAMJUPP1Iy0KZyR112Rm9QQ75cxMOTMNsWddYWDQ%2BxvtP0aykms82nSEh0Wv68EreQtAs3RUnzefuvXHkqNF3sYx7EeCwgINLx53sh9HSmBCRM%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.obama.org
access-control-allow-credentials: true
cf-ray: 7a0bc538deb9bbc7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
35ms Image
image/gif 2a00:1450:400d:80c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1576700991&t=timing&_s=4&dl=https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&dp=%2F%23FUNJCUFXUZQ%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF&ul=en-us&de=UTF-8&dt=Welcome%20to%20the%20Obama%20Foundation&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4728&pdt=8&dns=22&rrt=657&srt=906&tcp=53&dit=2560&clt=2560&_gst=2639&_gbt=2869&_u=aDDACEIJBAAAACAMI~&jid=&gjid=&cid=1631881306.1677614676&tid=UA-90041815-1&_gid=1498159981.1677614676&z=1643557175

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80c::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Feb 2023 21:14:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 82237
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame F544 0
600 B 197ms
196ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F544 0
600 B 198ms
197ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F544 631 B
1 KB 27ms
26ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 19:37:13 GMT
x-content-type-options: nosniff
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1646
x-cache: Hit from cloudfront
content-length: 631
last-modified: Fri, 24 Feb 2023 18:09:15 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: RGJSsqHL14OzmGQpdmEL_zGZkWRKls9ch4xxmz4b-SMwKLZBodRmZg==

GET
H2 200 gettyimages-1463472354-594x594-2.jpeg
www.obama.org/wp-content/uploads/ 161 KB
161 KB 44ms
44ms Image
image/webp 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/uploads/gettyimages-1463472354-594x594-2.jpeg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b49c25320f71850a745b08f9e509d2bb1d44142d04a49fb228ea99aef045c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-f7b495f57-bz6s4
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-content-type-options: nosniff
age: 270853
cf-polished: origFmt=jpeg, origSize=186872
x-cache: HIT, HIT
expires: Thu, 29 Feb 2024 20:04:37 GMT
content-disposition: inline; filename="gettyimages-1463472354-594x594-2.webp"
content-length: 164426
x-served-by: cache-chi-klot8100155-CHI, cache-fra-eddf8230124-FRA
last-modified: Tue, 14 Feb 2023 23:23:14 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
x-timer: S1677343825.941062,VS0,VE3
etag: "63ec17e2-2d9f8"
vary: Accept, Accept-Encoding
content-type: image/webp
x-styx-req-id: 9e6a711e-acbe-11ed-b46e-becd04e89c84
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc537ae178fef-FRA
x-cache-hits: 1, 1

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1EBC 930 B
2 KB 25ms
22ms Document
text/html 2600:9000:20eb:ba00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ba00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 161
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Tue, 28 Feb 2023 20:01:59 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-id: co4UAaZjgu0SRENjhGxuipIzehrz3BmnCUHyrLFcYJ3kxxtydWovAA==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 OF061122SG_0211-scaled.jpg
www.obama.org/wp-content/uploads/ 465 KB
465 KB 49ms
49ms Image
image/jpeg 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/uploads/OF061122SG_0211-scaled.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1378a678a5dafb9bf17d3835a4f6d5ee100b4a51989c7e8f63d55d44af05f45

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-b-554c7bcc85-srbgt
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-content-type-options: nosniff
age: 0
x-cache: HIT, HIT
x-cache-hits: 1, 1
content-length: 475906
x-served-by: cache-chi-kigq8000097-CHI, cache-hhn-etou8220045-HHN
last-modified: Tue, 21 Feb 2023 13:02:50 GMT
server: cloudflare
x-timer: S1677614678.689364,VS0,VE4
etag: "63f4c0fa-74302"
vary: Accept-Encoding
content-type: image/jpeg
x-styx-req-id: 0ec22ba9-b1e8-11ed-9a84-c2187ed92320
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc537de5e8fef-FRA
expires: Thu, 29 Feb 2024 20:04:37 GMT

GET
H2 200 OF111822JM_031-scaled.jpg
www.obama.org/wp-content/uploads/ 620 KB
621 KB 44ms
42ms Image
image/jpeg 104.16.91.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.obama.org/wp-content/uploads/OF111822JM_031-scaled.jpg

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.91.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53bdb0648f8e3b441f0fe3e315bdfe7a9480563c8fe29628c2eb0405714bd5ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-pantheon-styx-hostname: styx-fe3-a-78c9cf5dff-tz827
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=15552000
via: 1.1 varnish, 1.1 varnish
cf-cache-status: HIT
x-content-type-options: nosniff
age: 0
x-cache: HIT, HIT
x-cache-hits: 92, 1
content-length: 635162
x-served-by: cache-chi-kigq8000078-CHI, cache-hhn-etou8220039-HHN
last-modified: Wed, 25 Jan 2023 14:14:33 GMT
server: cloudflare
x-timer: S1677614678.691082,VS0,VE18
etag: "63d13949-9b11a"
vary: Accept-Encoding
content-type: image/jpeg
x-styx-req-id: 9abe9b72-9cba-11ed-9540-3ea5c6ff229c
cache-control: public, max-age=31622400
accept-ranges: bytes
cf-ray: 7a0bc537fe958fef-FRA
expires: Thu, 29 Feb 2024 20:04:37 GMT

GET
H2 200 118.d37755e4-1225.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 25ms
23ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Feb 2023 20:04:37 GMT
x-amz-request-id: ZNQ5AKQ25RZ95X79
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3412
x-amz-id-2: QXnmszoR1ztN4E5cqgqZu6v5hC/3hxGhiMKuVq6Z6DihTHVx1mmDEt7FcUCvESQ6vBAaVAOwLoU=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677614678.759088,VS0,VE0
etag: "9c8a05b5703a1c30e0418f9ba42337df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 315

GET
H2 200 page_view_event-aggregate.29613e65-1225.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 24ms
23ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Feb 2023 20:04:37 GMT
x-amz-request-id: ZNQB2WEBATXJBKQT
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1682
x-amz-id-2: i3axP9uZaw1yQX94OVhA3XCytJ5mXEhntQtt7PdhM4JWoSmcAQ6WXZpnkvmQyOhOIMYwlbsEsPw=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677614678.758935,VS0,VE0
etag: "0743ee0ec30428f3654ee07d779efb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 316

GET
H2 200 page_view_timing-aggregate.e791ce32-1225.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 23ms
22ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Feb 2023 20:04:37 GMT
x-amz-request-id: ZNQ5P3MSY60P5STC
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2248
x-amz-id-2: dUFqJNB5lxLLghf/VDwg4z4Nwdbkfihn0uHLJkHqG9bDrJJRb+iwkt+xyWC0tzWEjXHNNKy7Nqg=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677614678.758582,VS0,VE0
etag: "84ba19034cf0206a49ecf68893086bdd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 316

GET
H2 200 metrics-aggregate.b4a54ed9-1225.min.js Show response
js-agent.newrelic.com/ 1 KB
936 B 22ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by: Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding: gzip
via: 1.1 varnish
date: Tue, 28 Feb 2023 20:04:37 GMT
x-amz-request-id: ZNQ5J2G5893VRXBX
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 730
x-amz-id-2: WKJy7Tk9DLO+QuA4f4k15izJHb3GuYduD3Lb7iNfOCXqKq5gcQMz4QguLSlOy5VI40k5o/HttwU=
x-served-by: cache-hhn-etou8220022-HHN
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677614678.758557,VS0,VE0
etag: "395608505dac1e4fbe08bd146e09f5c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 315

POST
H2 200 csp-report
q.stripe.com/ Frame 1EBC 0
374 B 198ms
198ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.obama.org
URL: https://www.obama.org/?form=FUNJCUFXUZQ&utm_source=crm&utm_medium=email&utm_campaign=Digital%20Fundraising%20Email_022823&sfmc_s=0033600001ArDodAAF

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/csp-report

Response headers

x-stripe-bg-intended-route-color: green
pragma: no-cache
date: Tue, 28 Feb 2023 20:04:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 1EBC 86 KB
14 KB 25ms
24ms Script
text/javascript 2600:9000:20eb:ba00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:20eb:ba00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Tue, 28 Feb 2023 20:01:21 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 cdcb559c2f25d8ad2ccf0419bee33b02.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 200
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: Kl_eYFfrvA9Wrfzzjh3oqTz4PxawmEvA6NC0KNFmmXbfDeCQJ6yBjQ==

GET
H/1.1 200
OK 0207d3137c Show response
bam.nr-data.net/1/ 49 B
528 B 684ms
580ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/0207d3137c?a=30404694&v=1225.PROD&to=YlRbNUpWD0QHVxBYCVseeAJMXg5ZSUABXBZZUE0EFVEEVhJBFlQCalJWD0xSD0M5RAVWAw%3D%3D&rst=4973&ck=0&s=9746b7b86ddd8928&ref=https://www.obama.org/&ap=694&be=1705&fe=3023&dc=855&perf=%7B%22timing%22:%7B%22of%22:1677614672913,%22n%22:0,%22f%22:657,%22dn%22:660,%22dne%22:682,%22c%22:682,%22s%22:703,%22ce%22:735,%22rq%22:735,%22rp%22:1641,%22rpe%22:1649,%22dl%22:1652,%22di%22:2560,%22ds%22:2560,%22de%22:2597,%22dc%22:4727,%22l%22:4728,%22le%22:4740%7D,%22navigation%22:%7B%7D%7D&fp=2430&fcp=2544&at=ThNYQwJMHEo%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 28 Feb 2023 20:04:38 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 7a0bc5397d223826-FRA

POST
H2 200 6 Show response
m.stripe.com/ Frame 1EBC 156 B
552 B 196ms
196ms XHR
application/json 54.190.190.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.190.190.30 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-190-190-30.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

2ffbc05c884c31a17871a43f2b42a5bf1ecd9c547b67fc877be4533b207c6753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: green
date: Tue, 28 Feb 2023 20:04:38 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/2/intl/de_ALL/ 270 KB
76 KB 35ms
34ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/2/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDsnqr-BgEQKKvG_-aayb5FO7ILgLhIkBo&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f866db6e9dfa9e1e148ed6aab45660ed3707841501f20bc2c666b564d1b10e3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77010
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 17:17:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 19:10:58 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/52/2/intl/de_ALL/ 159 KB
58 KB 44ms
44ms Script
text/javascript 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/52/2/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDsnqr-BgEQKKvG_-aayb5FO7ILgLhIkBo&libraries=places&callback=initAutocomplete

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50cb7266f8522dd1d6f530bc62a6e8c2985344953f6f11ed0962430cd1ad601f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 19:10:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59428
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 17:17:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Feb 2024 19:10:58 GMT

POST
H2 200 / Show response
api-js.mixpanel.com/track/ 25 B
370 B 187ms
63ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1677614680903

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 28 Feb 2023 20:04:41 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.obama.org
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

POST
H2 200 / Show response
api-js.mixpanel.com/engage/ 25 B
96 B 197ms
75ms XHR
application/json 107.178.240.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api-js.mixpanel.com/engage/?verbose=1&ip=1&_=1677614680905

Requested by

Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.178.240.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.240.178.107.bc.googleusercontent.com

Software

envoy /

Resource Hash

e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800; includeSubDomains

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=604800; includeSubDomains
date: Tue, 28 Feb 2023 20:04:41 GMT
via: 1.1 google
server: envoy
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.obama.org
access-control-expose-headers: X-MP-CE-Backoff
cache-control: no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 42
access-control-allow-headers: X-Requested-With
content-length: 25
alt-svc: clear

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame B6E0 295 B
796 B 25ms
25ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 19:21:39 GMT
x-content-type-options: nosniff
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2592
x-cache: Hit from cloudfront
content-length: 295
last-modified: Fri, 24 Feb 2023 18:09:16 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: u_GuZkJ4_7h9ATyeDgKLWEHUVZWOopNMjuUNwYKD-iuTemdvuqTpKw==

GET
H2 200 trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js Show response
js.stripe.com/v3/fingerprinted/js/ 295 B
794 B 25ms
24ms Script
text/javascript 99.86.4.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-239db17d86d6320632b024ca9e43ba9c.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.76 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-76.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.obama.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Tue, 28 Feb 2023 19:21:39 GMT
x-content-type-options: nosniff
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2593
x-cache: Hit from cloudfront
content-length: 295
last-modified: Fri, 24 Feb 2023 18:09:16 GMT
server: Cloudfront
etag: "477956b204dfd45e10334fc060914d4b"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fphrnw1_B8dzPqdsKyiiWfOUenl_st0vsjbq1FRr6ET2VZKwdUGKlA==

POST
H/1.1 202
Accepted 0207d3137c Show response
bam.nr-data.net/events/1/ 24 B
407 B 262ms
261ms XHR
image/gif 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/0207d3137c?a=30404694&v=1225.PROD&to=YlRbNUpWD0QHVxBYCVseeAJMXg5ZSUABXBZZUE0EFVEEVhJBFlQCalJWD0xSD0M5RAVWAw%3D%3D&rst=15667&ck=0&s=9746b7b86ddd8928&ref=https://www.obama.org/
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 28 Feb 2023 20:04:48 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.obama.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7a0bc57baa893826-FRA
Content-Length: 24

POST
H/1.1 403
Forbidden 0207d3137c Show response
bam.nr-data.net/jserrors/1/ 2 B
407 B 336ms
294ms XHR
application/json 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/jserrors/1/0207d3137c?a=30404694&v=1225.PROD&to=YlRbNUpWD0QHVxBYCVseeAJMXg5ZSUABXBZZUE0EFVEEVhJBFlQCalJWD0xSD0M5RAVWAw%3D%3D&rst=15669&ck=0&s=9746b7b86ddd8928&ref=https://www.obama.org/
Requested by: Host: static.fundraiseup.com
URL: https://static.fundraiseup.com/checkout-sentry-vendor.29122be82a2c32d8fb15.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.obama.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
content-type: text/plain

Response headers

Date: Tue, 28 Feb 2023 20:04:48 GMT
CF-Cache-Status: DYNAMIC
Server: cloudflare
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.obama.org
access-control-allow-credentials: true
Connection: keep-alive
CF-Ray: 7a0bc57bfb4d9b64-FRA
Content-Length: 2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

134 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.obama.org/	1970-01-20 19:27:36	Name: __atuvc Value: 1%7C9
www.obama.org/	1970-01-20 10:00:16	Name: __atuvs Value: 63fe5e53c88031f7000
.obama.org/	1970-01-20 12:09:50	Name: _gcl_au Value: 1.1.143939513.1677614676
.obama.org/	1970-01-20 19:36:14	Name: fundraiseup_cid Value: 16776146755624637367
.addthis.com/	1970-01-20 19:27:36	Name: uvc Value: 1%7C9
.obama.org/	1970-01-20 19:36:14	Name: _ga Value: GA1.2.1631881306.1677614676
.obama.org/	1970-01-20 10:01:41	Name: _gid Value: GA1.2.1498159981.1677614676
.obama.org/	1970-01-20 10:00:14	Name: _gat Value: 1
.obama.org/	1970-01-20 10:01:41	Name: _uetsid Value: 1fb7fb40b7a311edbba2ef0bd4f67c57
.obama.org/	1970-01-20 19:21:50	Name: _uetvid Value: 1fb7eea0b7a311ed9926f74030d46644
.addthis.com/	1970-01-20 19:27:36	Name: loc Value: MDAwMDBFVURFTkkyMzMzMTg4NTAwMTAwMDBDSA==
.bing.com/	1970-01-20 19:21:50	Name: MUID Value: 022C516FCEB2655431D943A9CFD964C0
.obama.org/	1970-01-20 18:45:50	Name: mp_9b1fec362f09c4d341cc79683d55eb25_mixpanel Value: %7B%22distinct_id%22%3A%20%220033600001ArDodAAF%22%2C%22%24device_id%22%3A%20%2218699a077c1557-0b4bf33a2ac5e6-6f385457-1d4c00-18699a077c2898%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%7D%2C%22__mpso%22%3A%20%7B%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22%24user_id%22%3A%20%220033600001ArDodAAF%22%2C%22utm_source%22%3A%20%22crm%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22Digital%20Fundraising%20Email_022823%22%2C%22SFMC_ID%22%3A%20%220033600001ArDodAAF%22%7D
.obama.org/	1970-01-20 18:45:50	Name: _hjSessionUser_383593 Value: eyJpZCI6IjYyMDhjODc3LWVhYzgtNWFkMy1iMDg1LWQ1ZjlkZGU5NTQ3MiIsImNyZWF0ZWQiOjE2Nzc2MTQ2NzYxNDEsImV4aXN0aW5nIjpmYWxzZX0=
.obama.org/	1970-01-20 10:00:16	Name: _hjFirstSeen Value: 1
.obama.org/	1970-01-20 10:00:14	Name: _hjIncludedInSessionSample_383593 Value: 0
.obama.org/	1970-01-20 10:00:16	Name: _hjSession_383593 Value: eyJpZCI6IjBjMjAzMzVlLTYzOWUtNDE5MC05ZWFiLTIwMjY0MzExYjgxNCIsImNyZWF0ZWQiOjE2Nzc2MTQ2NzYxNTIsImluU2FtcGxlIjpmYWxzZX0=
.obama.org/	1970-01-20 10:00:16	Name: _hjAbsoluteSessionInProgress Value: 0
.t.co/	1970-01-20 19:36:14	Name: muc_ads Value: cece0eb7-7b00-45fe-be8d-be515df9d305
.doubleclick.net/	1970-01-20 19:21:50	Name: IDE Value: AHWqTUnYjYWplSIoDoykH2AHjRWebPaScfu8R8H8OnFNcWj4E-zi4Ry92x6PdK7g
.twitter.com/	1970-01-20 19:36:14	Name: personalization_id Value: "v1_jhVMMFfsTCzz7gA0sW0uNA=="
.obama.org/	1970-01-20 12:09:50	Name: _fbp Value: fb.1.1677614676290.1758642606
.yahoo.com/	1970-01-20 18:46:12	Name: A3 Value: d=AQABBFRe_mMCEEWHZSVrc12r5GTjrCVa3BUFEgEBAQGv_2MIZAAAAAAA_eMAAA&S=AQAAAja3Ne4_ZItRHur0ruXpA3A
.obama.org/	1969-12-31 23:59:59	Name: fundraiseup_session Value: {%22t%22:%22.obama.org%22%2C%22s%22:%221677614676045%22%2C%22sp%22:1%2C%22x%22:%2210%22}
.obama.org/	1970-01-20 19:36:14	Name: _ga_X85NK84B9X Value: GS1.1.1677614675.1.0.1677614677.0.0.0
.google.com/	1970-01-20 14:23:45	Name: NID Value: 511=nygrjLOcN0WKraZ3NM2czauXDOFosM9wwmzsyq8mKpbhkjOGsYYZ43gi7_KeG-7oTGkQlAzw1Y4zgoPPlIcBXUmYxo2Xs4uOZbsH158ioyipO6S_EnxIeU9GIM_6nmPMUME7oe_n2xdYp0F_S8TGd_b1JIGTo9fikYCZDhqS9s8
m.stripe.com/	1970-01-20 19:36:14	Name: m Value: cff1793d-403a-48fb-b33f-360eec343b84249a65
.www.obama.org/	1970-01-20 18:45:50	Name: __stripe_mid Value: 3674a364-91dd-45fd-ad81-6b249a321773766c05
.www.obama.org/	1970-01-20 10:00:16	Name: __stripe_sid Value: d76f8eed-45ef-4d4b-bd32-2c706c9519f1090be1

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3-eu-west-1.amazonaws.com/share.typeform.com/share-button.css Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://s3-eu-west-1.amazonaws.com/share.typeform.com/share.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://static.fundraiseup.com/checkout.4120a9218f4a43575fc1.js Message: Allow attribute will take precedence over 'allowpaymentrequest'.
network	error	URL: https://nova.collect.igodigital.com/c2/100016450/track_page_view?payload=%7B%22title%22%3A%22Welcome%20to%20the%20Obama%20Foundation%22%2C%22url%22%3A%22https%3A%2F%2Fwww.obama.org%2F%3Fform%3DFUNJCUFXUZQ%26utm_source%3Dcrm%26utm_medium%3Demail%26utm_campaign%3DDigital%2520Fundraising%2520Email_022823%26sfmc_s%3D0033600001ArDodAAF%22%2C%22referrer%22%3A%22%22%7D Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://bam.nr-data.net/jserrors/1/0207d3137c?a=30404694&v=1225.PROD&to=YlRbNUpWD0QHVxBYCVseeAJMXg5ZSUABXBZZUE0EFVEEVhJBFlQCalJWD0xSD0M5RAVWAw%3D%3D&rst=15669&ck=0&s=9746b7b86ddd8928&ref=https://www.obama.org/ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100016450.collect.igodigital.com
analytics.twitter.com
api-js.mixpanel.com
api.fundraiseup.com
bam.nr-data.net
bat.bing.com
cdn.fundraiseup.com
cdn.mxpnl.com
cdn.polyfill.io
click.email.obama.org
cloud.typography.com
connect.facebook.net
fndrsp-checkout.net
fndrsp.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
js.stripe.com
m.addthis.com
m.stripe.com
m.stripe.network
maps.googleapis.com
nova.collect.igodigital.com
pay.google.com
platform.twitter.com
play.google.com
q.stripe.com
r.stripe.com
region1.google-analytics.com
s.yimg.com
s3-eu-west-1.amazonaws.com
s7.addthis.com
script.hotjar.com
sentry.fundraiseup.com
sp.analytics.yahoo.com
static.ads-twitter.com
static.fundraiseup.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
ucarecdn.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.obama.org
z.moatads.com
s7.addthis.com
104.16.91.119
104.22.5.171
104.244.42.3
104.244.42.5
104.244.42.72
104.26.4.158
107.178.240.159
13.111.100.39
13.224.189.97
13.225.78.63
13.225.85.149
142.250.186.130
147.135.78.45
151.101.2.137
162.247.241.14
172.67.71.90
199.232.16.157
2.18.69.141
2001:4860:4802:32::36
212.82.100.181
23.39.248.185
23.62.220.135
2600:1901:0:bc29::
2600:9000:20eb:ba00:19:7d10:bd80:93a1
2606:2800:234:59:254c:406:2366:268c
2620:1ec:c11::200
2a00:1288:f03d:1fa::2000
2a00:1450:4001:801::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2003
2a00:1450:400c:c00::5c
2a00:1450:400d:802::200a
2a00:1450:400d:803::200a
2a00:1450:400d:804::2002
2a00:1450:400d:806::2003
2a00:1450:400d:807::2004
2a00:1450:400d:80c::200e
2a00:1450:400d:80d::2003
2a00:1450:4025:401::9a
2a02:26f0:11a::6867:487b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::282
35.71.131.137
52.201.100.129
52.218.105.234
54.187.119.242
54.190.190.30
99.86.4.76
01014fb5bed5e21b7ae3ca6d476b9b24617c8b2077dd96fab4836697f1476e01
02b5331c4f7399df57c8506965431f4f17f9aad89a168039e4d6b4351fe8cf40
02b53efd797f3fb4bdbb9a36aac2d8b86d66b060087247ef533a1c78133285bb
02c15239e07310354e2ec37fd64ee0fa1cdb25cb055939d9f84611db1591ff20
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06bf25b467d4f1c7304468f0041853d91da3129ad088766f9d97f907e1423b53
073a5b77e7b6e163569bfcf8568b41ffa108c95e953a699cf3395666b32cd474
0b49c25320f71850a745b08f9e509d2bb1d44142d04a49fb228ea99aef045c51
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0ca109dfb3f664221350b0bf9e3f3a9dc6830855c59f220e71445d0b09eba7b1
0d4babde41db04eee4598374bfcf9b9447c40e3c8e88e7b76b865807e62d9ac7
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ea220d4ad1c32f2b9c3fb1c5c2cce3df57496e54556f092e0f201d4d8622849
115eb25bad8084571bd9d03fb88eed90a156225a679eabe500d466493c6b0bdb
1212e7abb6f32136c5d13b04e540ebe36e773a98acd627d5e56e466f685a0b49
12af48f7a184b24995c2640b124a946394fe892a3bccd271b0f8dd868b56f248
132d41e510f8721b35d81458552f48ed9603313641e0a03c1831b0fa489bec0a
1362a7fc1a96be4941231e5b07315568784e25937c7c4d021379749089e53ca8
1579e8c4cf5e217d9b2a65d679b5f9efd5b09ea584d6891f3ff10475d3ab6a95
16775349c92dc38f8c3cebce57c62d5ace858e5883b7f6e25aeff0168ad67991
19ed27e6bee17eaf798476094b6511e294b1a0a2ebd88be4269fea5aa241ccd5
1a13806e5885a98d16760a950f1cb2da2ef616f8852269cd1e0cafd8b4a99c54
1b39c18711f555dfdfa703e71fefc9a6cbdd13a68ad0ffb30a95fc6998fb5731
1c649ccd3175950a89a24ed7311398f799dcca41c2bbf89ca1adc8654755244a
1ded1815d04f8d9199091223c6862c3942b4cf3cca05a58370bc3b6ce271fe10
1e5b0d7289739113a3dfe27abc2840f9edd42953dde45faa2afc34cb2120a1dc
205b5e5ac97e41a70efe74150a9893bdb05ff1d3921808b96d8780aa31c7940a
22d9259a3d0136e876b1e42b0ab76e30f1088cd80af8c229749f1f220397bf84
2322cabae90997740398db8b7ce580b8b00f001aca5d6f3e653b5cc4a281589a
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2940db97405f6ac535777563983b5f10882d84e3ce8e428684b28e98551e2643
2d989b47e54d68dc2799509c5bc25d088b260a1f2882fd882c36035c8a5983d7
2edf9c80c3cac3c97f456e312f7da6402fc1fdcaf1c04153fea1f704cba07768
2ffbc05c884c31a17871a43f2b42a5bf1ecd9c547b67fc877be4533b207c6753
3319993e6fd57373c36b7b97a5b7c5b90dd7a27ae193f441373bb5ea0b30a741
33277e78117e679f1470aab499f56396e1d94ae48502adcdd15b77c627a8f016
343db0325f1e727022e535398cdc712e02650aa90fe48bc82123aeca7b8703bb
344c5a714ab264c675b49dbbccc4f0d844a3967f2f74691a03a3f4fd5a7b5031
34aa9d1ad96b27bbb03538576c25951145c2e8ae470a7af88168e03944360fee
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
37709e0fd1def306506946dbd9aa93f1c99aa9fd00cf3f1c3e9aad3c46a999b2
37d8404bd30edcf0b126f31072d2f0be1f966431542a35ad8051bcbcb3e489bc
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
403c43abc1e3484dc97f0936c0f33177805ddbd349ad4af011df891525797aa4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
47afc8b6993bd9e34f5fdb477777a82387edfe5969490cab1523d0349baf0276
4812cf4a078168d4a1338dc71eeb59def7a0699ac3535d3f6016e79832a054a0
48d09fdf27b7df5b996fbad7c97c942569e31e5ff462bfd208bbe88cbb5f96b7
496cf55646eb25bf5410eff0a53d3bbd291c3d301c3c9515aaf270a5b38d9fe7
4a9508d1b930239dc0fa249afc784febd3ba9b3506f8e258585a87e7de05a6aa
4f0ef89b0f06e40d78468a2b91e488f5bb6824ca95926780aca7f4c284957184
4f55b4d63895c9d4f06fa005fd150774e99fd64f15675876964606fd3a044e48
4f73088b0e9ecb91172a832197594a169ede1c6be2b0a54e57392ac3f6245149
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50cb7266f8522dd1d6f530bc62a6e8c2985344953f6f11ed0962430cd1ad601f
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
53bdb0648f8e3b441f0fe3e315bdfe7a9480563c8fe29628c2eb0405714bd5ba
56069129b4f776d25f1e14fe61e03f1f2c5f11c8b0737aa5346697fe3ae72e50
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
568ea4935e5f4ebc03b89ba3df481a1bbff0c2b536b29bf5e5b577c9b213632a
586f21a41a83d286841a8566ef8d75cebe76c1ab7fda4e7c61586ba064474cfb
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5cfe66ee024c0c4640ab3f01e85b885bf78a44e65ac037af6c5d1d1d5c15907e
5cfed1e6b4937a25d28dd8f3b5be47db4d830f4c02e1012cc01ed2634b1b4b35
62feff5a9ce3e26255e9e7de603c6c07e738808a7d0b696cd5cb0b76852409a7
64a4549918aa685925a3b567eecde357fb79b1f2370f9c00473966eb1073616c
6830154fd8143d0de84ddc9467b398c290b0ab9dcfcae40a33b93562f2120609
6d89b65d05448f9dae3dfbe6b9ff58e0306471150e0b852744d220e5090bb022
6e2435b53986297ecc6c37a5c3970992623c6201b1df1aa7c10f1401b79c8e14
6e91e73fa61993cea2208718d670f5ed1161039b2c7c9fe38e21cdbd5d5ab181
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
700cca9385b63c93a37081999dac05bf87a5a65892fb3f3151751d8b50360ddc
70193baa9b1d58eb83892614c31ae094f5217f32c367466eaf74ebf8f9e3c2ae
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
747fd2e73da87fd30b40669b7014c11bb6856f46e438c8c92e545f5ef57faf4f
7515d2c55d5a3ceaf127b1112ea12bacb8b0a14a6d4ae6f57f5b75e3d28b38fa
772f8d97204f317f0c752ccfdb8932ffbe79f9b9cfa3647f7b7386905d64589b
78cdd86c7c7aa83a11c1af642b2c7027fa81b42e59a5ccd3900e8c93712a3d62
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
81acf92bc595059670c0c0c9b0686f8322278490b88d6d9ba8f694b5c7274b98
82c0f3b34c077c83026b274a4d8b513ef0696011ea73187a329ede38eaa3f1e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
91275d7ee94801ac16df79d00ffd9c2c603a700c5d9b656e0e3497579a89de42
92747742b0d05de841880d3cad6550593fa08692d26fe086e15d4a5696606a54
92e68cefe3493c5abb05e090d286359d315441654dfe483cd13c372d3378ca10
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ba346503b6c880ec143e04f39f756e0d916e7f5aac3963dea250a58efca5fdf
9cc66c25fed318c86075748cff18f10625da5d734238a90e0efed1ca5ae71445
9d2886bd9633614714dd61b6b9ea8e2b332ebbf6a490a15c96ae907570e97d7e
a0be60fe2decc45ea161e6b9e5c8a941596922f6f257446154b285a09686c5d4
a2137ebfe2b9ff55e1f280dbb1eef301290c50db609c5d6a0494ae8f3c98c253
a406272612383de16509570ee6f2c6fcdab4388cec30af5c964ca65f666fb67d
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6635e6faa0b75d53de8ddad06a31ae00d8906ab0ee6148589e3beee58048482
a7a68e4b41c490a4bcebeba70c7350835bc39bf82b2199776c0ac7d92b56f3d5
a7a7e9fe3b0c545bc0eca72119a35265f58b90c114c9a1aadc67f9afd4209db5
a7de9fcdf3c5d3db4fabc4e378ff387b46ec3741cf54c6521eace07fae3abc23
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
ac3d647a261108cfd32af46149910767f6c7f1a26167fe63a37813d7ac0187fc
ac597c60f976d7d35ddf5f04d1c198209385b6575c21f7d33917e673807ac316
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5290164b4f690b6ffecbd6b02084541a4c2056828e16ebee3d585410a3b1f
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ace92a07d4b9cdb188283368fd2885ec259b98c470940409a54df1790def1573
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afa6fc3b31803772ffd320a754fb28f960e15bd0ab3b789352f3d6c3e80d6598
afc9799bf086d2013803fd1746c57d23d772017f06c83708e482b4a2c200822b
b0626ce5ee4d2f011510da11305c27a143eb9980cab2d848afe1d13f05baa926
b087def9a36f3bdc04568b984b752e4cdd38b592ea31774a3bd37cd6466e90d4
b3317edb36ae2953f386b91e2dd78698347bcfe17cfb655a27e150763f7905b1
b6232d62c63a5696999302aa4d0e1658285106b3db3c836160cc679209cfd7e8
b64a61c58fc4534bbf6b99730c21ff0f7a0afeae5f9409365e67b05a33814dd1
b783cee625709bc59e499c14e46478a041b49a7ca597459843306edf3669b04c
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
bb3d044dccdb8cc77189a4dfcd305f867cb2f92564ca0a96149550bb26e7ef54
bb5a70abb62de9eef4b7bc1b81e4ee037e505d01479083fa09f31c60f26887be
bbfa6b91c5d912c5d922d2af23cbaf14721e12fbcde0318f14ed71997bc7de78
bd9fd05593f2168a333d59615133d6fe1fe255e3fc551a9bf69d845138ecc77c
c008896292016baa9b3c3f97e27019934f82e705221b343f9e64dec8156d029b
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cb1ec411dec8f88a91091f716f0f9fdeb3c1ea6c60b17309964f3302f7ecdb92
cb4cc65213d2cf491f695d77a3c2930894f0efd461df6e2c3f3058a95f68c082
cb73f1531ea14b39afbb37ace24168a2903c5ede501c9b20546630c0403c8b27
cd5ae42a8c69055fc58be2cd3bf46e80f12b9cfc33f0d6fb91161858db63bf2c
cdda17bbcb59a9290f61b396b9eb308de75015644a78854ad53d1b08945f7b47
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
ceb4f051076270acbaf239b51ecf245909710ed4ec88b5252cc4661823e82ce2
cf2d9b61b26a4d62e98cd50a59f267d1e8a6e18f5c586d7b28c68b31e91e125b
cf6ccf168b6fcc48bd13b09c27c8b995fe46c22ef2adf36d66524df6da77e262
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d10227d01614d33e34a740a32929484deb22745e1fcfdbe180bfb5e8a2737344
d193263ad23ef25573c81941144d2f966cd983148de42483d093222e11617b20
d300f525b1e23172dec152ac714387a9847b4eaa8c059245addb6648bf47681a
d480bac1e5cc78f696c16335962c1a46c1b0672b089102b59890eea7ad304b5c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7a93936ca173df7bd5d2db5fcfcfd8b558b773235ac19b9498ed41772ac5da2
d8b4efc9d633bf6a74302401662e42d85a36070ded6ad2497958ccafc2737f81
da3bf9bd6f52aed07a1c4f37dba8936dc02be14da89d89b4bb00a28ccdc6b97f
da7a511c69cdf1e0f950a29019d09854b8919bc154bb95fe5d5ec580ed2f0997
daf2c82f6cc4f0d084fdfb79175e21a26e41e802bfc0120abdc57dc3a3943d3b
dfa766aa921e523146098a444add69367af28bf1ab303b5e0d16beb67bc9622f
e112fa64a18264f307930c08c90c92097f99dfb0808d55bcf6a7614d78bb44f0
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5694336d8e6b9d1bd8d84585dae0be9f618d2b0db9c87e0f61249b29c451972
e6062cdf9f4341d1f72d9b6d33185fb8c14df0da76e6b4b78cef2b21a860ecb8
e8313f60ac8396108991359e86609f8a602747fa257a761eff252f5399c484c4
e9286fea516d5752b16ca7e3cec6262c971bca5ad922f3d660463894a6ff7a19
e983a965c44715b07d51f2bd884baf2577dbe26fe1b3aabf406cb9033e78ef75
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4394a869af97bf9f2996973b0375c470dbf09ac01f0bc5459e0b0043beeda3
f1378a678a5dafb9bf17d3835a4f6d5ee100b4a51989c7e8f63d55d44af05f45
f17d30f65071c0187837a442955af2898a1fa5b07ab8448c67fd71cacea5b73b
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f2c2dda80d72a773b9dd17e147d2a6e31a866bc24afc92fbb9b9c96bae867640
f408a11ada757c644ea8a39faa5475b727830cb715c17b5d2c70be24275751c6
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f4e80421c684d6be6a43eb49834b2e84e8088e2fb41ccac01cb90b90c85cbaee
f6bba823ed703b337012037bdb862a7a1e09fcb30c2c89840f661790bff56950
f866db6e9dfa9e1e148ed6aab45660ed3707841501f20bc2c666b564d1b10e3a
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321
f96a4aaee31785c0d2fff47e549f8ae90448ca68767d707885b5bbb2c53b6881
fa56f8ad590e2a9551421a208b7d94046e36bc736720428f94ab514899e0f8cd
fcd07b422e8a3353007b932ac8361584dbfa0c18d673f8a624274aef2a07c554
fce5637ee90a2bbad0d1b2bafec330a261037cb3d358fef923ed52579409c93e
ff3ece6da7e2958b62da75b5b211de9877efa80818563dfa4f694f1dbd774fe5
ffb13282c12404238bd17c74168e21ae157e1fb9fac1f830f635d49fc8e383e0
ffd26f508931c4ceae231a413558fae645130b58f6f49083ab98135403ded19a

www.obama.org Open in urlscan Pro 104.16.91.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

308 Requests

99 %HTTPS

45 %IPv6

36 Domains

55 Subdomains

48 IPs

9 Countries

7724 kBTransfer

19025 kBSize

29 Cookies

5 Outgoing links

Page URL History

Redirected requests

308 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.obama.org Open in urlscan Pro
104.16.91.119 Public Scan

Screenshot
Live screenshot

Full Image

308
Requests

99 %
HTTPS

45 %
IPv6

36
Domains

55
Subdomains

48
IPs

9
Countries

7724 kB
Transfer

19025 kB
Size

29
Cookies

308 HTTP transactions
9 data transactions