urlscan.io logo urlscan.io
SecurityTrails logo

secure.wickerforsenate.com Open in urlscan Pro
2606:4700::6812:9b15  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure.wickerforsenate.com/
Effective URL: https://secure.wickerforsenate.com/donate_home
Submission: On May 08 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 3 countries across 17 domains to perform 73 HTTP transactions. The main IP is 2606:4700::6812:9b15, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.wickerforsenate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.
This is the only time secure.wickerforsenate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 2606:4700::68... 13335 (CLOUDFLAR...)
14 18.66.248.76 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
17 54.186.23.98 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 18.66.248.127 16509 (AMAZON-02)
3 142.250.185.98 15169 (GOOGLE)
1 3 142.250.186.102 15169 (GOOGLE)
1 1 2606:2800:234... 15133 (EDGECAST)
1 199.232.136.157 54113 (FASTLY)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
2 104.244.42.67 13414 (TWITTER)
2 104.244.42.197 13414 (TWITTER)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 34.216.95.44 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
73 22
7    2606:4700::6812:9b15 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.wickerforsenate.com
14    18.66.248.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-76.dus51.r.cloudfront.net
js.stripe.com
1    2606:4700:440e::6812:2fe6 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2490:b600:0:7d26:ee00:93a1 (United States)

ASN16509 (AMAZON-02, US)
d35ligi1n5bgzc.cloudfront.net
17    54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com
q.stripe.com
r.stripe.com
3    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    18.66.248.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-127.dus51.r.cloudfront.net
m.stripe.network
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
3    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
6739201.fls.doubleclick.net
1    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c1b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
2    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    34.216.95.44 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-95-44.us-west-2.compute.amazonaws.com
m.stripe.com
2    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
32 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2561
q.stripe.com — Cisco Umbrella Rank: 14128
r.stripe.com — Cisco Umbrella Rank: 8127
m.stripe.com — Cisco Umbrella Rank: 2153
423 KB
7 doubleclick.net
6739201.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
4 KB
7 wickerforsenate.com
secure.wickerforsenate.com
224 KB
5 google.de
www.google.de — Cisco Umbrella Rank: 3632
adservice.google.de — Cisco Umbrella Rank: 5351
2 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 128
www.google.com — Cisco Umbrella Rank: 20
2 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 887
analytics.twitter.com — Cisco Umbrella Rank: 800
947 B
3 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
33 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
388 B
2 t.co
t.co — Cisco Umbrella Rank: 563
525 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 195
113 KB
2 stripe.network
m.stripe.network — Cisco Umbrella Rank: 2747
18 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
120 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 963
10 KB
1 cloudfront.net
d35ligi1n5bgzc.cloudfront.net
266 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1595
5 KB
0 revv.co Failed
app.revv.co Failed
73 17
Domain Requested by
14 js.stripe.com secure.wickerforsenate.com
js.stripe.com
13 r.stripe.com js.stripe.com
7 secure.wickerforsenate.com 1 redirects secure.wickerforsenate.com
static.cloudflareinsights.com
4 www.google.de secure.wickerforsenate.com
www.googleadservices.com
4 www.google.com 1 redirects secure.wickerforsenate.com
4 q.stripe.com secure.wickerforsenate.com
3 6739201.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 www.googleadservices.com www.googletagmanager.com
6739201.fls.doubleclick.net
www.googleadservices.com
3 www.google-analytics.com www.googletagmanager.com
secure.wickerforsenate.com
2 www.facebook.com secure.wickerforsenate.com
2 t.co secure.wickerforsenate.com
2 analytics.twitter.com secure.wickerforsenate.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 stats.g.doubleclick.net www.google-analytics.com
2 connect.facebook.net secure.wickerforsenate.com
connect.facebook.net
2 m.stripe.network js.stripe.com
m.stripe.network
2 www.googletagmanager.com secure.wickerforsenate.com
1 adservice.google.de 1 redirects
1 m.stripe.com m.stripe.network
1 adservice.google.com 6739201.fls.doubleclick.net
1 static.ads-twitter.com secure.wickerforsenate.com
1 platform.twitter.com 1 redirects
1 d35ligi1n5bgzc.cloudfront.net secure.wickerforsenate.com
1 static.cloudflareinsights.com secure.wickerforsenate.com
0 app.revv.co Failed secure.wickerforsenate.com
73 25

This site contains links to these domains. Also see Links.

Domain
revv.co
support.revv.co
Subject Issuer Validity Valid
secure.wickerforsenate.com
Cloudflare Inc ECC CA-3		 2022-05-08 -
2023-05-08		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-19 -
2022-08-05		 4 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.stripe.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2022-06-09		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-14 -
2022-05-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-11 -
2022-08-03		 4 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://secure.wickerforsenate.com/donate_home
Frame ID: BE2E4A6557DA1BCF01E8A977EEC4B83A
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Frame ID: CFA9EB3001942E8FBDA33893AC15B9BA
Requests: 3 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Frame ID: CEFEA15B842AF02145BF907B6134A6FE
Requests: 17 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Frame ID: 10DDBCB9E704507C10C9F76F06409FFC
Requests: 8 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C3F410F99F4DFE5222E47F1F74C81AAB
Requests: 4 HTTP requests in this frame

Frame: https://6739201.fls.doubleclick.net/activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Frame ID: 9FF3E3FB5B7CED62691646EB2FFFC018
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Frame ID: 8C55E777DBB77439AEDB30612A07B4AC
Requests: 1 HTTP requests in this frame

Frame: https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Frame ID: 1A02F93EEE152C93E580B61F833278A0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.de/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LSt3YqVElpP1-A_zqrjIBA&cid=CAQSKQCNIrLMe-Rsw1oCYdRR2m1rpSDNnzCPWfnvWmoizZk7rdjeuDuRm9zA&random=1945335558&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Frame ID: 9CC7BE20EDC2D7BCD831E4E7CF43E0B6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wicker for Senate

Page URL History Show full URLs

  1. https://secure.wickerforsenate.com/ HTTP 302
    https://secure.wickerforsenate.com/donate_home Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.stripe\.com
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Page Statistics

73
Requests

97 %
HTTPS

59 %
IPv6

17
Domains

25
Subdomains

22
IPs

3
Countries

1239 kB
Transfer

3763 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.wickerforsenate.com/ HTTP 302
    https://secure.wickerforsenate.com/donate_home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://6739201.fls.doubleclick.net/activityi;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home HTTP 302
  • https://6739201.fls.doubleclick.net/activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Request Chain 28
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 63
  • https://adservice.google.de/ddm/fls/i/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home HTTP 302
  • https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Request Chain 66
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=LSt3YqVElpP1-A_zqrjIBA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LSt3YqVElpP1-A_zqrjIBA&cid=CAQSKQCNIrLMe-Rsw1oCYdRR2m1rpSDNnzCPWfnvWmoizZk7rdjeuDuRm9zA&random=1945335558&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LSt3YqVElpP1-A_zqrjIBA&cid=CAQSKQCNIrLMe-Rsw1oCYdRR2m1rpSDNnzCPWfnvWmoizZk7rdjeuDuRm9zA&random=1945335558&resp=GooglemKTybQhCsO&ipr=y&prhg=0

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request donate_home
secure.wickerforsenate.com/
Redirect Chain
  • https://secure.wickerforsenate.com/
  • https://secure.wickerforsenate.com/donate_home
28 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
707dbeab0d58861933b9fe566b788b71cdb072b5bdf46fda2610f3cd8b3a154b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
cf-cache-status
DYNAMIC
cf-ray
707ec56e7db8917a-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 02:30:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GPR4xbRZ33LW%2BhHHyMNMC%2BG%2FuwFeoEuXf3sBJw3KNeNtkEOigFh5HeVu80kQzjEg5gW9UiMAOVvD784L47EvPDuLcfLTiC1JOMOhh1syVcOtymz7UPVe9dECNfk3Jq8emnVmfe2iAV2x1ATt2oMAqix40zC9bQ0k6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-rack-cors
miss; no-origin
x-request-id
f199ad2c-c6a5-47a7-a2b1-4e874e70f804
x-revv-cache
Hit from Revv
x-runtime
0.019430
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
707ec56d6c94917a-FRA
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 02:30:03 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://secure.wickerforsenate.com/donate_home
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Xs056Zh3W0%2FQ13x5apHwDqMHKZOchGDthvan3araJ89KmU33NsB8f2UxImYX08WoD7%2F%2BF5D9Ypln5a%2B1QgRxPe6h8l1CrfR0POUxYKRPVnT890UmRlLQoc%2FO2ZhTbyllNJBkdK7Gocl7XtP0KI%2FF7lRicvyrXhD%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-rack-cors
miss; no-origin
x-request-id
72feb5ae-ffcf-4bba-82f7-52ad441d7878
x-runtime
0.016461
x-xss-protection
1; mode=block
/
js.stripe.com/v3/ 		299 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b1dce346afdbb1638e2b272cc3fec60c56251f846bf5f598a07e608598cebbde
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
29
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:35 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 20:08:29 GMT
server
Cloudfront
etag
W/"a9a92481a09e2244cd2812bcbcd75135"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
qCWuhETiYYMKAsTujBP4KFHL0CZw8jgnFcoPs1Bh5s7VTEGhV6QAjg==
landing_page-ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3.css
secure.wickerforsenate.com/assets/ 		221 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/assets/landing_page-ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3.css
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4R28S7FA1HBBZFEJ
content-type
text/css
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
TYhl56HoAJc9Lj1MFcCEI+2DhFHH/NAiVmFgYJRSwVU1QfCPtIngYmhPdp/rQ/c4bS95qdjRuMU=
last-modified
Sat, 07 May 2022 01:58:19 GMT
server
cloudflare
etag
W/"fdd1d398e08d7edc60962d56b79312a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2urjtXxCdVx96Xwh1tpNhql67oL3TohnfAyZAVeYWQ6HUrD7utGdFdSzIqHwmlclOcP5Gkr9kZTnMg5ZUXPTCBkofTyK9%2BEv0k3ipJRFFOszQKFjdPQjCQHXKVz2lKjVrnKjkXok0BrrXI0sW3ng%2FY3hJUDzdKFHlw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
SHMO1MpqVwDNpLIuT1UmHd30ZDJuthZf
cache-control
public, max-age=14400
cf-ray
707ec56fe8569bb6-FRA
expires
Sun, 08 May 2022 06:30:03 GMT
1550001740.css
secure.wickerforsenate.com/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/ 		7 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/1550001740.css
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f625392f9afea21a86adbdb74a90e2abb49f01ffa077039640700ef4f5c47d3c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
date
Sun, 08 May 2022 02:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
2db8d86a-d1dc-4ea8-aad2-36226c349382
x-runtime
0.029889
last-modified
Sun, 08 May 2022 02:30:03 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JtKpkxDX9wS6GX2dVzhiINeTBKBYd%2ByWa57bmkgC%2FFLTFG2Sc%2FkFLq1eFXdN0JCHBRnQE2QXdVlr3VXIA9cxl%2FZAlFyw%2BwZ10e3XBSnD%2BTbwimvry%2F%2Bx7QUrCJGUItkFSZJNukZxAjVmggs93V0fbRBrjhHxsPVPVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=31556952
cf-ray
707ec56fe8579bb6-FRA
expires
Mon, 08 May 2023 08:19:15 GMT
application-landing-page-b9337f170a24660f298a0fde703aad1edd5d75c714ac99c650d22f967d2614e4.js
secure.wickerforsenate.com/assets/ 		622 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/assets/application-landing-page-b9337f170a24660f298a0fde703aad1edd5d75c714ac99c650d22f967d2614e4.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9337f170a24660f298a0fde703aad1edd5d75c714ac99c650d22f967d2614e4
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4R2ER2JFTTBP157V
content-type
application/javascript
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
iJqCCJN4cUlTKbuAe4fDOtW7AiOZD3aNK2zt+5vHtcxJLYU6KSLX6rKuMugkiG3BMYMG0hh9paI=
last-modified
Sat, 07 May 2022 01:58:18 GMT
server
cloudflare
etag
W/"14f37e013e1cc406ec0bab374211699a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LAujwjZuIfkTOOJ8bDXmMgkPECaIkUndGhe%2FNoYd6uCu9lRj7H23jj%2BhcWjBmaaIbLp%2Bf9qqbbEvxYwwTagETBZCaBcnKyoP5Y8xauFST56WUOgHgfI8wdfrw5XdIjdqCu1%2B2QSZovuoYhHxyOfS58qW2aOMdaS5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
LXm4K6XfaXL6Fi3wapDIus9Lh03b.dSf
cache-control
public, max-age=14400
cf-ray
707ec56fe8589bb6-FRA
expires
Sun, 08 May 2022 06:30:03 GMT
revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
secure.wickerforsenate.com/assets/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.wickerforsenate.com/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:03 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
4R2B16RGBPTXNDJ1
content-type
image/png
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2844
x-amz-id-2
74Pk8FSUiK7bd0Ixvr/zRCVHcr6hgx7prKUdX0D2ld/Kr6/nADgvBngCd50pIJAM42nui9UEKb4=
last-modified
Sat, 07 May 2022 01:58:20 GMT
server
cloudflare
etag
"0bdbab7164f21196bc848a313a9e20e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mW1%2FEFwQlxTfDf4mfjPeSsRVQt%2FVEMoc3jPoCJGjN9e616lVrLqPgjKBtCuuVl7Sf3FL53NnHwPLaRumrvAjh%2B766ELUhtr87mPHYGDHc7HglLEgP90Pb7FF36ZQTNnkPXCkFO4OJ5vka9EyfVIwlGZ6Uf9FDm308Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
9JW6kfwIYvJp9KvAQRMc.BlYtYbb52Ht
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
707ec571cb119bb6-FRA
expires
Sun, 08 May 2022 06:30:03 GMT
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:440e::6812:2fe6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer
https://secure.wickerforsenate.com/
Origin
https://secure.wickerforsenate.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:03 GMT
content-encoding
gzip
last-modified
Thu, 09 Dec 2021 19:55:17 GMT
server
cloudflare
etag
W/2021.12.0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
707ec5726e386961-FRA
gtm.js
www.googletagmanager.com/ 		295 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3702019f18dba42ac2e87efb6647b0415c5dacddb36d1b1e1d6e3ddd2d76b576
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:03 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68329
x-xss-protection
0
last-modified
Sun, 08 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 May 2022 02:30:03 GMT
gtm.js
www.googletagmanager.com/ 		138 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b666a6adb3b3da9bb4131b371249ea72e52cc630761d20fce6e721f250b3aa85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53538
x-xss-protection
0
last-modified
Sun, 08 May 2022 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 May 2022 02:30:04 GMT
Wicker_mockup_donation7.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/001/180/large/ 		266 KB
266 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/001/180/large/Wicker_mockup_donation7.png
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/1550001740.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b600:0:7d26:ee00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c4b9888cb69fdf67f531cb3fe0737ca942100cbec3fc9b911116443060f4132a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Sun, 08 May 2022 02:30:05 GMT
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
last-modified
Sat, 17 Jul 2021 20:48:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
etag
"6d2aa617a31bfc11ef8db572b207ad8f"
x-cache
Miss from cloudfront
x-amz-version-id
ewjEsX9EFS9ZDuxCRx55nOWtrTnBWSwq
accept-ranges
bytes
content-type
binary/octet-stream
content-length
272071
x-amz-cf-id
ouzHCLrZGNG85NyqHbyPlELVQQOo18F4gEmL0cpfUh-4COdUlvnzDg==
m-outer-08a68483638f1673180e789f690b2a14.html
js.stripe.com/v3/ Frame CFA9 		240 B
981 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
665
cache-control
max-age=31536000
content-length
240
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 02:19:05 GMT
etag
"08a68483638f1673180e789f690b2a14"
last-modified
Mon, 02 May 2022 23:16:40 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-amz-cf-id
bdDY8vJ0hlFNWGfsExyGPRa5ecTu7ZYNnq8wfNe4uhvpG8jXZD1P0g==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
controller-253fff51c40ba8ada666d2d54dbfb338.html
js.stripe.com/v3/ Frame CEFE 		349 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
cf4971368894c9e77c351b26623b513fe37f6597ce76a6f51ccd165089127ca7
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
9
cache-control
max-age=60
content-length
349
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 02:29:55 GMT
etag
"253fff51c40ba8ada666d2d54dbfb338"
last-modified
Thu, 05 May 2022 19:48:15 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-amz-cf-id
vT4jBhDog4k_9AHSqmsd2ZGzNRz1Gjmw_uvumW3TYiEpnQYeP0jyOg==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
js.stripe.com/v3/ Frame 10DD 		807 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
57db429fa55a92596c10b42e9a4c5cd3baf37feb62f6be0ea200a31a0aa5d9ee
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
2368
cache-control
max-age=31536000
content-length
807
content-security-policy
default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 01:50:45 GMT
etag
"09f1e01dda10fe4512bbf0e7b4744481"
last-modified
Thu, 05 May 2022 19:48:52 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-amz-cf-id
QDAg5-ELN7ZdPXMjDejUtNKVa4R1C4psUXJeebREd7D8PqZElp90jw==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
current_with_info
app.revv.co/api/v3/users/ 		0
0
csp-report
q.stripe.com/ Frame CFA9 		0
571 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame CEFE 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
csp-report
q.stripe.com/ Frame 10DD 		0
570 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
x-envoy-upstream-service-time
2
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
0
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
access-control-max-age
3600
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://js.stripe.com
access-control-expose-headers
Server, Range, Content-Type
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-robots-tag
none
access-control-allow-headers
Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires
0
m-outer-a862395be942d34811e19def0b9ea803.js
js.stripe.com/v3/fingerprinted/js/ Frame CFA9 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/m-outer-08a68483638f1673180e789f690b2a14.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
16
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:49 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Mon, 02 May 2022 23:16:41 GMT
server
Cloudfront
etag
W/"799080ebea6eade0766c4725741ce6bf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
vCupQ1tHx1zJBnzelEQ25uaBMofgaze6-FHg-eAwO_C5QES7dq5Prw==
shared-48112994ab72a8e695e59fe4ecca7ca8.js
js.stripe.com/v3/fingerprinted/js/ Frame CEFE 		216 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
33
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:32 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 19:48:17 GMT
server
Cloudfront
etag
W/"9672c0428c119c8686a9f75259395447"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
pLCAwQ_SeEOuMsQQxQED_uXqxmD-pBUcb1kvq03W0F3LJubWKtN7eQ==
controller-ab4f2ccc05668c4224ee272d7082b806.js
js.stripe.com/v3/fingerprinted/js/ Frame CEFE 		364 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-ab4f2ccc05668c4224ee272d7082b806.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
13340c405759bddee57db1be76be9bd19c908fa2d51d5a9dc57c2b7d85d4d4fe
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/controller-253fff51c40ba8ada666d2d54dbfb338.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
41
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:30:04 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 19:48:34 GMT
server
Cloudfront
etag
W/"b98b71f18a7437acf426dec8f1560bb4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
hD_div4t0EVq2uncqen6ok6K6U3MJzKx990O9x5O8irtWfdH0sW_nQ==
ui-shared-d67f25cf5a6599bb5958b37992528ec9.css
js.stripe.com/v3/fingerprinted/css/ Frame 10DD 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-d67f25cf5a6599bb5958b37992528ec9.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
b214920f5934f6f0db05d259f3a0a8892e2aedeb47d37202fff0e600c03b4aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:50 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Fri, 22 Apr 2022 17:21:10 GMT
server
Cloudfront
etag
W/"936b7600a876fdaee1b486956d21f868"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
EWeePUkxv2KFBoTSRghUNEEXYFXm0J0r5wxLUcI5QIyRD9OhF0239w==
elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
js.stripe.com/v3/fingerprinted/css/ Frame 10DD 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/elements-inner-card-eeb9a1aca6554663f6b78e39a2e20a79.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
48
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:30:04 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Tue, 08 Mar 2022 20:28:40 GMT
server
Cloudfront
etag
W/"0de3030d19b9e3517790795cb6ccc87d"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
Tq4s5Yn36x3MWY_TZwIMl7b3833zpupg870eqiI1LsHTGHZSKKU4sg==
shared-48112994ab72a8e695e59fe4ecca7ca8.js
js.stripe.com/v3/fingerprinted/js/ Frame 10DD 		216 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
33
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:32 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 19:48:17 GMT
server
Cloudfront
etag
W/"9672c0428c119c8686a9f75259395447"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
yTLVrLvs1jkdJhiVJwSKAt33tN9GPqz0P9c4aWbzy1nRJy29ZLYljg==
ui-shared-7730e7413d9ec9859e7b7300811b0260.js
js.stripe.com/v3/fingerprinted/js/ Frame 10DD 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-7730e7413d9ec9859e7b7300811b0260.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
bce0095ed9937a5ed6b4a75703302bcf261ea6b8cff95fc0ffe29b6d168c2ef5
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
17
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:50 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Wed, 04 May 2022 20:49:50 GMT
server
Cloudfront
etag
W/"f299f2f912bd4cf4491638f5ff3d20e1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
zSAhADBntK8h2M2FkJsLy8RnGuskvgsgvj1ov7XdiXS9A4io6gONvw==
elements-inner-card-9ce933bf9e27e3e4ae3cbe21f74bdf06.js
js.stripe.com/v3/fingerprinted/js/ Frame 10DD 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-9ce933bf9e27e3e4ae3cbe21f74bdf06.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
9ed3e2070ab494042daa8515025d285a107a24baf707863bde3b16c9d9f69023
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
14
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:52 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 19:48:19 GMT
server
Cloudfront
etag
W/"7215596f61488cd368e424118ba34a6b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
E4Cjx-YyTYBaB-yYyX4n2TmRBTQqZh05tsOcarDZGfUO2TcPNAGCrA==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
655
date
Sun, 08 May 2022 02:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 08 May 2022 04:19:09 GMT
inner.html
m.stripe.network/ Frame C3F4 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-a862395be942d34811e19def0b9ea803.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-127.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://js.stripe.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
240
cache-control
max-age=300, public
content-length
930
content-security-policy
base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 02:26:05 GMT
etag
"fc2e029628f163bb59adc6fa5a31161c"
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
x-amz-cf-id
2xGxtBfrOzv51Eiv2tHyrH6AtltnEehKsYlvXDfjGs0Yt98Ucq76rA==
x-amz-cf-pop
DUS51-P1
x-cache
Hit from cloudfront
x-content-type-options
nosniff
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14865
x-xss-protection
0
server
cafe
etag
2710672821686371805
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 08 May 2022 02:30:04 GMT
activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
6739201.fls.doubleclick.net/ Frame 9FF3
Redirect Chain
  • https://6739201.fls.doubleclick.net/activityi;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate...
  • https://6739201.fls.doubleclick.net/activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fs...
505 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6739201.fls.doubleclick.net/activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
ef59eef5e7ec952b4be0b1cbda7455c06e5dc7f4988676b5ac0a88c2e9740a39
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
399
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://6739201.fls.doubleclick.net/activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 16:26:14 GMT
etag
"1ce6e12fa6e9b18909e94a06df1ef9cb+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
9561
x-served-by
cache-iad-kjyo7100044-IAD, cache-hhn11561-HHN

Redirect headers

x-tw-cdn
VZ
Date
Sun, 08 May 2022 02:30:04 GMT
Server
ECS (frb/6738)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Server-Timing
"x-cache;desc= ,x-tw-cdn;desc=",edge;dur=1
Content-Length
0
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26311
x-xss-protection
0
pragma
public
x-fb-debug
48awnOPLSEn39RKVtwguwPo0BGhRHOhSNAsWCL/LFC9MKHINtsyQcWRrQX23N+0JQAQalLXBqav2NBH2OvZ6XA==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sun, 08 May 2022 02:30:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
csp-report
q.stripe.com/ Frame C3F4 		0
344 B 		Other
General
Check archive.org
Download Go to
Full URL
https://q.stripe.com/csp-report
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
cross-origin-opener-policy
same-origin
strict-transport-security
max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control
max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
x-robots-tag
none
content-length
0
x-content-type-options
nosniff
expires
0
countryRanges-2362ae52e66bb2e80a8043e5add253fa.json
js.stripe.com/v3/fingerprinted/data/ Frame 10DD 		143 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/countryRanges-2362ae52e66bb2e80a8043e5add253fa.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
6de48c97b08bca88630c7a68fe36fe18a43010ed4d33add156a505fb84176694
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-09f1e01dda10fe4512bbf0e7b4744481.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
37
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:29:29 GMT
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
last-modified
Tue, 22 Mar 2022 15:32:36 GMT
server
Cloudfront
etag
W/"2362ae52e66bb2e80a8043e5add253fa"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
GLtbbt41-jc6wTAPdFyfI3iKSruFsrx9MT4KBYYguO2NIi7NIIHcVQ==
0
r.stripe.com/ Frame CEFE 		0
128 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
out-4.5.42.js
m.stripe.network/ Frame C3F4 		86 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.42.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-127.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
112
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:28:15 GMT
last-modified
Thu, 17 Mar 2022 19:03:12 GMT
server
Cloudfront
etag
W/"21df7244385e5c0bdf32da01d0dad6c0"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control
max-age=300, public
x-amz-cf-pop
DUS51-P1
timing-allow-origin
*
x-amz-cf-id
A-nYNdg1XEHAx8SkxT2_FD5y6kNxGOX5wnC0NFuIwhkbD0qRv1KvCw==
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-73658561-7&cid=1911154676.1651977003&jid=48049319&gjid=342412929&_gid=255463665.1651977003&_u=YGBAiEABBAAAAE~&z=657133411
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 May 2022 02:30:04 GMT
content-type
text/plain
access-control-allow-origin
https://secure.wickerforsenate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-111246538-1&cid=1911154676.1651977003&jid=570553685&gjid=2037480168&_gid=255463665.1651977003&_u=YGDAiEABBAAAAE~&z=563797238
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 May 2022 02:30:04 GMT
content-type
text/plain
access-control-allow-origin
https://secure.wickerforsenate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1455501903&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&ul=en-us&de=UTF-8&dt=Wicker%20for%20Senate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=48049319&gjid=342412929&cid=1911154676.1651977003&tid=UA-73658561-7&_gid=255463665.1651977003&gtm=2wg540NTQZ9N&cd61=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&z=2087895074
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 23:02:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12458
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1455501903&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&ul=en-us&de=UTF-8&dt=Wicker%20for%20Senate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAE~&jid=570553685&gjid=2037480168&cid=1911154676.1651977003&tid=UA-111246538-1&_gid=255463665.1651977003&gtm=2wg540T232Q5&z=1929046819
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 07 May 2022 23:02:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12458
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1635689170016443
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1635689170016443?v=2.9.58&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9639f89444e0a102b263f57b2c537ae21b48d18f469c1bee9c13fb0890c02d32
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ACtxDKlzsP2+qZuvLBjEWpUYWZtR+/yNx2MBtGnSW9kBdiL0yHN2DTqewGmnbAoQrhWBADXGGn7ZXXm8XfmXgw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 08 May 2022 02:30:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1651977004520
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/929531053/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929531053/?random=1651977003524&cv=9&fst=1651977003524&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&tiba=Wicker%20for%20Senate&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
185a6069cd92958425161002fd6313cbe0b22e733ac728019ee7f7611248423b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1018
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
adsct
analytics.twitter.com/i/ 		43 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuc0a&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=2e2f467d-47ed-48bb-b005-856dc4749a66&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
109
date
Sun, 08 May 2022 02:30:03 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
5a7b883cad36712a657cf517eca71922d38735ccaa5830b8697541f375c4fac4
content-length
43
adsct
t.co/i/ 		43 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuc0a&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=2e2f467d-47ed-48bb-b005-856dc4749a66&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
115
date
Sun, 08 May 2022 02:30:04 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
b70c85b73496137a1776a4bcc873b4f5c9ff32e818058a4533bbe3ebd88d3f14
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
196 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuy0h&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=6de9b7c8-ca1b-46f8-8857-2ed27d5730ce&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
109
date
Sun, 08 May 2022 02:30:03 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
5a7b883cad36712a657cf517eca71922d38735ccaa5830b8697541f375c4fac4
content-length
43
adsct
t.co/i/ 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.4&p_id=Twitter&p_user_id=0&txn_id=nuy0h&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=6de9b7c8-ca1b-46f8-8857-2ed27d5730ce&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
110
date
Sun, 08 May 2022 02:30:04 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
b70c85b73496137a1776a4bcc873b4f5c9ff32e818058a4533bbe3ebd88d3f14
content-length
43
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:04 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
adservice.google.com/ddm/fls/i/ Frame 8C55 		504 B
868 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: 6739201.fls.doubleclick.net
URL: https://6739201.fls.doubleclick.net/activityi;dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2945e0589a185d0273b8241924469c0ae0c4b451f592f7b725b32540eb550dd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6739201.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
400
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111246538-1&cid=1911154676.1651977003&jid=570553685&_u=YGDAiEABBAAAAE~&z=1151543608
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-111246538-1&cid=1911154676.1651977003&jid=570553685&_u=YGDAiEABBAAAAE~&z=1151543608
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73658561-7&cid=1911154676.1651977003&jid=48049319&_u=YGBAiEABBAAAAE~&z=805271353
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-73658561-7&cid=1911154676.1651977003&jid=48049319&_u=YGBAiEABBAAAAE~&z=805271353
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6
m.stripe.com/ Frame C3F4 		156 B
522 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.95.44 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-95-44.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0da1ff7625d48bba1dc34d924012381e8aae2e94b6dd203a0a2767cff6cd1181
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 May 2022 02:30:05 GMT
x-content-type-options
nosniff
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
156
/
www.google.com/pagead/1p-user-list/929531053/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/929531053/?random=1651977003524&cv=9&fst=1651975200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&tiba=Wicker%20for%20Senate&async=1&fmt=3&is_vtc=1&random=1801112018&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/929531053/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/929531053/?random=1651977003524&cv=9&fst=1651975200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&tiba=Wicker%20for%20Senate&async=1&fmt=3&is_vtc=1&random=1801112018&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1635689170016443&ev=PageView&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&rl=&if=false&ts=1651977003884&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&fbp=fb.1.1651977003882.120302186&it=1651977003521&coo=false&rqm=GET
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 08 May 2022 02:30:04 GMT
dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
6739201.fls.doubleclick.net/ddm/fls/r/ Frame 1A02
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wi...
  • https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fs...
953 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
f2343b7a8aaba70601eb848590058de4b6f98076c6b39fe3ad7d8e4f169f62fb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
gzip
content-length
535
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:04 GMT
expires
Sun, 08 May 2022 02:30:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:04 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
conversion.js
www.googleadservices.com/pagead/ Frame 1A02 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 6739201.fls.doubleclick.net
URL: https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CJq9kPTtzvcCFQTRGwodoacOmQ;src=6739201;type=invmedia;cat=xulrnxiw;ord=248786190423;gtm=2wg540;auiddc=1977549119.1651977003;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
4d999495f11893461b0b9698205ff03567dfe0507b25f3777516c83cc2d78dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6739201.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16891
x-xss-protection
0
server
cafe
etag
8734957610480584535
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 08 May 2022 02:30:04 GMT
/
www.googleadservices.com/pagead/conversion/856609794/ Frame 1A02 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/856609794/?random=1651977004179&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=1&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
51efb3cf4dcc33aba30ff4cde41c3a698fdb9c2d5bb7c40e398eff7e3b459bd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6739201.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 02:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1251
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/856609794/ Frame 9CC7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h...
  • https://www.google.com/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1...
  • https://www.google.de/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
63 B
100 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LSt3YqVElpP1-A_zqrjIBA&cid=CAQSKQCNIrLMe-Rsw1oCYdRR2m1rpSDNnzCPWfnvWmoizZk7rdjeuDuRm9zA&random=1945335558&resp=GooglemKTybQhCsO&ipr=y&prhg=0
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/856609794/?random=1651977004179&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=1&fmt=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
76
content-security-policy
script-src 'none'; object-src 'none'
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
76
content-security-policy
script-src 'none'; object-src 'none'
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 02:30:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://www.google.de/pagead/1p-conversion/856609794/?random=143552864&cv=9&fst=1651977004179&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCJq9kPTtzvcCFQTRGwodoacOmQ%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D248786190423%3Bgtm%3D2wg540%3Bauiddc%3D1977549119.1651977003%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=LSt3YqVElpP1-A_zqrjIBA&cid=CAQSKQCNIrLMe-Rsw1oCYdRR2m1rpSDNnzCPWfnvWmoizZk7rdjeuDuRm9zA&random=1945335558&resp=GooglemKTybQhCsO&ipr=y&prhg=0
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:05 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain
rum
secure.wickerforsenate.com/cdn-cgi/ 		0
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:9b15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.wickerforsenate.com/donate_home
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
content-type
application/json

Response headers

date
Sun, 08 May 2022 02:30:05 GMT
x-content-type-options
nosniff
server
cloudflare
cf-ray
707ec57a5e419bb6-FRA
x-frame-options
DENY
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1635689170016443&ev=Microdata&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&rl=&if=false&ts=1651977004387&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Wicker%20for%20Senate%22%2C%22meta%3Adescription%22%3A%22Home%20Page%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Wicker%20for%20Senate%22%2C%22og%3Adescription%22%3A%22Home%20Page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home%22%2C%22og%3Asite_name%22%3A%22Wicker%20for%20Senate%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home%22%2C%22twitter%3Atitle%22%3A%22Wicker%20for%20Senate%22%2C%22twitter%3Adescription%22%3A%22Home%20Page%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fassets%2Frevv-social-image-2714b01e512cb005e00d896bee24df9e812b4c25906522cacffd69f97f722f9a.png%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fassets%2Frevv-social-image-2714b01e512cb005e00d896bee24df9e812b4c25906522cacffd69f97f722f9a.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=1&o=30&fbp=fb.1.1651977003882.120302186&it=1651977003521&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sun, 08 May 2022 02:30:05 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sun, 08 May 2022 02:30:05 GMT
trusted-types-checker-6b5dcbbe8df6dbf0df700c1bde26cdf9.js
js.stripe.com/v3/fingerprinted/js/ 		173 B
671 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-6b5dcbbe8df6dbf0df700c1bde26cdf9.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-76.dus51.r.cloudfront.net
Software
Cloudfront /
Resource Hash
7623e67313a44fe6f67708716bfca34526b405ed762655516fd2d47b6196bc4f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 5297df6326448099cefed6e96fd7b00a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
5
x-cache
Hit from cloudfront
date
Sun, 08 May 2022 02:30:06 GMT
content-length
173
last-modified
Thu, 05 May 2022 19:48:27 GMT
server
Cloudfront
etag
"1a55f504ea9bb5d4c8dd06cc94f6e0a7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
aVS2IoxKvz0bzVvWVuJ1yJLWrALcH8TiDMNrKMm0JrVsm9axO9fuqA==
0
r.stripe.com/ Frame CEFE 		0
127 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.stripe.com/0
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-48112994ab72a8e695e59fe4ecca7ca8.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-186-23-98.stripe.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json
Referer
https://js.stripe.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://js.stripe.com
date
Sun, 08 May 2022 02:30:10 GMT
access-control-allow-credentials
true
server
nginx
content-length
0
content-type
text/plain

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
app.revv.co
URL
https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_QZ6VxC9By3RJLHRhco5Am22N&redirect=https://secure.wickerforsenate.com/donate_home

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| dataLayer boolean| isWinRed string| app_platform object| __webpackStripeJSv3Jsonp function| Stripe function| BestInPlaceEditor function| $ function| jQuery object| jQuery11240538522780717837 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill function| UAParser function| gm_authFailure function| tmpl object| ActionCable object| antiClickjack object| __cfBeacon function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr

17 Cookies

Domain/Path Name / Value
.wickerforsenate.com/ Name: _revv_v3_session
Value: RU1IanRYM1hFRmxSaWpNT0VVaVNXUURTM1QwZHYreEhpdmwrUkdxT0cxOWV1VEhuZWlLUDNsSzErSFFHL3ZPUzhJc0V2WmtPSmoyOU9NMWxIMUx2RGtPVGF6Ti80YWV5TnBCaWdmcTQvaUVwanFITW52eWtCNzZsc25hdHBabVQ0ZjI1ZEJvRjJtb241b0F0SzVocVJrTFp4WVhLZTJ5VDBZNlErQkxodGl4QU5jQXRLMG1idTFxWWFqajYzYUg0TkpEN29jYlp0b0doZzhscVdLSzMxaUJLTy96cjV4ZnlubXAzWGxuNzNpeS8zWENqZ3g4YUQ1UnFKNXpoQ1VSSjVsVGFwRzFqNWFnNWRvem1lbUxiSmdwdVlrTkpJTlBJdWJGcUtnQUFrRi8xaURlTWRlbTFDUWVYOGo4Y0hlWXo0bkhhVXVkTk5ERU5qZmhOWmlhdU5EUDNHSmtvYUQ2RmZlRFBpNGo0ZDBocmF0SjNqVjZZTGhPK1pWQ3NPaEpuLS1NNDZvdGdOT3hLMUVEditRaGJtQXRRPT0%3D--412df117ab479140a82a57b973fb53b90e7a6f1a
secure.wickerforsenate.com/ Name: origin_url
Value: https://secure.wickerforsenate.com/donate_home
.revv.co/ Name: __cf_bm
Value: .DP.yYUvAOO5vDmqMBd.WKH.sEJP05T1JMg5S9ZkCFM-1651977004-0-AZL7AnV6WZVIM50B85/kGV0oSv7uGNdc5MvrpYh02WPDBnjn/W3lg3woxVFDPhjPBqNGoGVE+bSchDa8DluTMUYPQ1ZQFkO8ktg5H00s/nL/
.wickerforsenate.com/ Name: _gcl_au
Value: 1.1.1977549119.1651977003
.wickerforsenate.com/ Name: _ga
Value: GA1.2.1911154676.1651977003
.wickerforsenate.com/ Name: _gid
Value: GA1.2.255463665.1651977003
.wickerforsenate.com/ Name: _dc_gtm_UA-73658561-7
Value: 1
.secure.wickerforsenate.com/ Name: _ga
Value: GA1.3.1911154676.1651977003
.secure.wickerforsenate.com/ Name: _gid
Value: GA1.3.255463665.1651977003
.secure.wickerforsenate.com/ Name: _dc_gtm_UA-111246538-1
Value: 1
.twitter.com/ Name: personalization_id
Value: "v1_ECYCFPYTlxwdIK6GmVozSQ=="
.wickerforsenate.com/ Name: _fbp
Value: fb.1.1651977003882.120302186
.t.co/ Name: muc_ads
Value: 50884e66-0df7-49ef-a32a-955f49173601
.doubleclick.net/ Name: IDE
Value: AHWqTUkV9dV3YhJcoi3-c4lP9qm5pvam9WYIZyaGidlaRsHeIgyk4EygDnSJqENRGzI
m.stripe.com/ Name: m
Value: 6cfed94c-da5d-48ea-a081-23f106d48ef49af1e4
.secure.wickerforsenate.com/ Name: __stripe_mid
Value: 503366f8-91d0-44d8-82b8-cd1dcb6708292ba9a6
.secure.wickerforsenate.com/ Name: __stripe_sid
Value: 6732a034-4002-4cfa-9663-2976aff8073f3662ef

2 Console Messages

Source Level URL
Text
javascript error URL: https://secure.wickerforsenate.com/donate_home
Message:
Access to XMLHttpRequest at 'https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_QZ6VxC9By3RJLHRhco5Am22N&redirect=https://secure.wickerforsenate.com/donate_home' from origin 'https://secure.wickerforsenate.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_QZ6VxC9By3RJLHRhco5Am22N&redirect=https://secure.wickerforsenate.com/donate_home
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6739201.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
app.revv.co
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
platform.twitter.com
q.stripe.com
r.stripe.com
secure.wickerforsenate.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
app.revv.co
104.244.42.197
104.244.42.67
142.250.185.98
142.250.186.102
18.66.248.127
18.66.248.76
199.232.136.157
2600:9000:2490:b600:0:7d26:ee00:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:440e::6812:2fe6
2606:4700::6812:9b15
2a00:1450:4001:803::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9b
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
34.216.95.44
54.186.23.98
0da1ff7625d48bba1dc34d924012381e8aae2e94b6dd203a0a2767cff6cd1181
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13340c405759bddee57db1be76be9bd19c908fa2d51d5a9dc57c2b7d85d4d4fe
185a6069cd92958425161002fd6313cbe0b22e733ac728019ee7f7611248423b
2945e0589a185d0273b8241924469c0ae0c4b451f592f7b725b32540eb550dd5
32efd3c886b0811738301f293d38482b2b18f34a7d2b5ed6dd197fd08c821815
3702019f18dba42ac2e87efb6647b0415c5dacddb36d1b1e1d6e3ddd2d76b576
4d999495f11893461b0b9698205ff03567dfe0507b25f3777516c83cc2d78dc2
51efb3cf4dcc33aba30ff4cde41c3a698fdb9c2d5bb7c40e398eff7e3b459bd3
55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468
57db429fa55a92596c10b42e9a4c5cd3baf37feb62f6be0ea200a31a0aa5d9ee
6d8ae0c2a72a4788401dfafdb70222050b25fb608994674d095eec4585681c4b
6de48c97b08bca88630c7a68fe36fe18a43010ed4d33add156a505fb84176694
707dbeab0d58861933b9fe566b788b71cdb072b5bdf46fda2610f3cd8b3a154b
7623e67313a44fe6f67708716bfca34526b405ed762655516fd2d47b6196bc4f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
93cc545f534a75a876beccc35125e563e20bb9857714482547fc151f07d57595
9639f89444e0a102b263f57b2c537ae21b48d18f469c1bee9c13fb0890c02d32
9ed3e2070ab494042daa8515025d285a107a24baf707863bde3b16c9d9f69023
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1dce346afdbb1638e2b272cc3fec60c56251f846bf5f598a07e608598cebbde
b214920f5934f6f0db05d259f3a0a8892e2aedeb47d37202fff0e600c03b4aeb
b666a6adb3b3da9bb4131b371249ea72e52cc630761d20fce6e721f250b3aa85
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
b9337f170a24660f298a0fde703aad1edd5d75c714ac99c650d22f967d2614e4
bce0095ed9937a5ed6b4a75703302bcf261ea6b8cff95fc0ffe29b6d168c2ef5
c4b9888cb69fdf67f531cb3fe0737ca942100cbec3fc9b911116443060f4132a
cf4971368894c9e77c351b26623b513fe37f6597ce76a6f51ccd165089127ca7
e23fac2f057580d70af9ec918478f1301da860e7ef34309548774dcf6004d44f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf2bd3d92596d7daa1105013ab1a9df04c5638908c58a816aebedd3d299aefd
ed2cfbae056c88926421b90b4c881a73fad880442ee14d7d6e929966db009cf3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef59eef5e7ec952b4be0b1cbda7455c06e5dc7f4988676b5ac0a88c2e9740a39
f2343b7a8aaba70601eb848590058de4b6f98076c6b39fe3ad7d8e4f169f62fb
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f625392f9afea21a86adbdb74a90e2abb49f01ffa077039640700ef4f5c47d3c
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505