urlscan.io logo urlscan.io
SecurityTrails logo

act.moveon.org Open in urlscan Pro
54.193.52.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mvn.to/343
Effective URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022...
Submission: On June 05 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 27 IPs in 4 countries across 20 domains to perform 77 HTTP transactions. The main IP is 54.193.52.57, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is act.moveon.org. The Cisco Umbrella rank of the primary domain is 264837.
TLS certificate: Issued by R3 on April 13th 2022. Valid for: 3 months.
This is the only time act.moveon.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 44.193.187.112 14618 (AMAZON-AES)
4 54.193.52.57 16509 (AMAZON-02)
1 2a02:26f0:710... 20940 (AKAMAI-ASN1)
2 2600:9000:218... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 52.216.184.237 16509 (AMAZON-02)
4 52.222.236.47 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f01... 32934 (FACEBOOK)
4 2a00:1450:400... 15169 (GOOGLE)
1 104.89.17.148 16625 (AKAMAI-AS)
1 18.66.115.169 16509 (AMAZON-02)
1 13.225.77.90 16509 (AMAZON-02)
2 3.122.176.248 16509 (AMAZON-02)
4 2a03:2880:f11... 32934 (FACEBOOK)
2 54.84.243.85 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 52.10.108.48 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
8 52.29.29.134 16509 (AMAZON-02)
5 151.101.1.35 54113 (FASTLY)
1 3 143.204.55.31 16509 (AMAZON-02)
1 35.80.101.90 16509 (AMAZON-02)
1 2 64.4.245.84 17012 (PAYPAL)
1 2a04:4e42:200... 54113 (FASTLY)
77 27
1    44.193.187.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-187-112.compute-1.amazonaws.com
mvn.to
4    54.193.52.57 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-193-52-57.us-west-1.compute.amazonaws.com
act.moveon.org
1    2a02:26f0:7100:48e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
2    2600:9000:2182:3400:1e:1a7c:ac00:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.moveon.org
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
14    52.216.184.237 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    52.222.236.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-47.fra56.r.cloudfront.net
js.braintreegateway.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
3    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.89.17.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-17-148.deploy.static.akamaitechnologies.com
a17053551565.cdn.optimizely.com
1    18.66.115.169 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-115-169.fra56.r.cloudfront.net
cdn.segment.com
1    13.225.77.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-77-90.fra2.r.cloudfront.net
gxibconi.micpn.com
2    3.122.176.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-176-248.eu-central-1.compute.amazonaws.com
payments.braintree-api.com
4    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    54.84.243.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-243-85.compute-1.amazonaws.com
logx.optimizely.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.10.108.48 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-10-108-48.us-west-2.compute.amazonaws.com
api.segment.io
2    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    52.29.29.134 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
client-analytics.braintreegateway.com
5    151.101.1.35 (United States)

ASN54113 (FASTLY, US)
c.paypal.com
3    143.204.55.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-55-31.osl50.r.cloudfront.net
assets.braintreegateway.com
1    35.80.101.90 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-80-101-90.us-west-2.compute.amazonaws.com
ssl.kaptcha.com
2    64.4.245.84 (United States)

ASN17012 (PAYPAL, US)
b.stats.paypal.com
dub.stats.paypal.com
1    2a04:4e42:200::291 (United States)

ASN54113 (FASTLY, US)
c6.paypal.com
Apex Domain
Subdomains		 Transfer
15 braintreegateway.com
js.braintreegateway.com — Cisco Umbrella Rank: 7986
client-analytics.braintreegateway.com — Cisco Umbrella Rank: 7640
assets.braintreegateway.com — Cisco Umbrella Rank: 17380
115 KB
14 amazonaws.com
s3.amazonaws.com
268 KB
8 paypal.com
c.paypal.com — Cisco Umbrella Rank: 5878
b.stats.paypal.com — Cisco Umbrella Rank: 4597
dub.stats.paypal.com — Cisco Umbrella Rank: 17560
c6.paypal.com — Cisco Umbrella Rank: 6573
42 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
40 KB
6 moveon.org
act.moveon.org — Cisco Umbrella Rank: 264837
static.moveon.org
105 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
577 B
4 gstatic.com
fonts.gstatic.com
62 KB
4 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 277
fonts.googleapis.com — Cisco Umbrella Rank: 42
91 KB
4 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 661
a17053551565.cdn.optimizely.com — Cisco Umbrella Rank: 849895
logx.optimizely.com — Cisco Umbrella Rank: 1077
89 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
201 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
505 B
2 braintree-api.com
payments.braintree-api.com — Cisco Umbrella Rank: 9539
2 KB
1 kaptcha.com
ssl.kaptcha.com — Cisco Umbrella Rank: 9355
366 B
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1006
173 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
73 KB
1 micpn.com
gxibconi.micpn.com
15 KB
1 segment.com
cdn.segment.com — Cisco Umbrella Rank: 1444
61 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 624
66 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 671
11 KB
1 mvn.to
mvn.to
748 B
77 20
Domain Requested by
14 s3.amazonaws.com act.moveon.org
static.moveon.org
ajax.googleapis.com
8 client-analytics.braintreegateway.com js.braintreegateway.com
assets.braintreegateway.com
6 www.google-analytics.com cdn.segment.com
www.google-analytics.com
www.googletagmanager.com
5 c.paypal.com js.braintreegateway.com
c.paypal.com
4 www.facebook.com act.moveon.org
4 fonts.gstatic.com fonts.googleapis.com
4 js.braintreegateway.com act.moveon.org
4 act.moveon.org act.moveon.org
3 assets.braintreegateway.com 1 redirects js.braintreegateway.com
3 connect.facebook.net act.moveon.org
connect.facebook.net
3 fonts.googleapis.com static.moveon.org
2 stats.g.doubleclick.net www.google-analytics.com
2 logx.optimizely.com cdn.optimizely.com
2 payments.braintree-api.com js.braintreegateway.com
2 static.moveon.org act.moveon.org
1 c6.paypal.com
1 dub.stats.paypal.com
1 b.stats.paypal.com 1 redirects
1 ssl.kaptcha.com js.braintreegateway.com
1 api.segment.io cdn.segment.com
1 www.googletagmanager.com cdn.segment.com
1 gxibconi.micpn.com act.moveon.org
1 cdn.segment.com act.moveon.org
1 a17053551565.cdn.optimizely.com cdn.optimizely.com
1 code.jquery.com act.moveon.org
1 maxcdn.bootstrapcdn.com act.moveon.org
1 ajax.googleapis.com act.moveon.org
1 cdn.optimizely.com act.moveon.org
1 mvn.to 1 redirects
77 29

This site contains links to these domains. Also see Links.

Domain
moveon.org
front.moveon.org
Subject Issuer Validity Valid
act.demandaplan.org
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
cdn.optimizely.com
DigiCert SHA2 Secure Server CA		 2021-12-24 -
2022-12-24		 a year crt.sh
www.moveon.org
Amazon		 2021-07-27 -
2022-08-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
checkout.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2021-07-07 -
2022-08-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-03 -
2023-06-07		 a year crt.sh
*.segment.com
Amazon		 2022-01-12 -
2023-02-10		 a year crt.sh
*.micpn.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
payments.braintree-api.com
DigiCert SHA2 Extended Validation Server CA		 2021-12-08 -
2022-11-12		 a year crt.sh
logx.optimizely.com
Amazon		 2021-08-23 -
2022-09-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
*.segment.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-09 -
2022-08-01		 3 months crt.sh
client-analytics.braintreegateway.com
DigiCert SHA2 High Assurance Server CA		 2022-03-16 -
2023-04-16		 a year crt.sh
www.paypal.com
DigiCert SHA2 Extended Validation Server CA		 2022-04-12 -
2023-04-12		 a year crt.sh
ssl.kaptcha.com
Thawte RSA CA 2018		 2021-11-01 -
2022-11-27		 a year crt.sh

This page contains 7 frames:

Primary Page: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Frame ID: 5C2CBD965B93D60C664FE210BDB2D1E0
Requests: 61 HTTP requests in this frame

Frame: https://a17053551565.cdn.optimizely.com/client_storage/a17053551565.html
Frame ID: 08C6AFDF119366B60DFA966397664695
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.64.2/html/hosted-fields-frame.min.html
Frame ID: B36BFCAA2404936C4060A6950FECE87A
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.64.2/html/hosted-fields-frame.min.html
Frame ID: 61AB1CA98D92B0E9E21EC2D08812D6F5
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454
Frame ID: 6DE0AA3126E8B4BEEC151E98D3949667
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 90970FC625197EBD95D949CA9FECC125
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14
Frame ID: EFDFE03F4FE28BA151AB11620FF570FD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Power MoveOn's democracy-saving plan to defeat MAGA candidates for secretary of state and Congress | MoveOn.org

Page URL History Show full URLs

  1. http://mvn.to/343 HTTP 302
    https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggest... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • js\.braintreegateway\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.segment\.com/analytics\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

77
Requests

99 %
HTTPS

46 %
IPv6

20
Domains

29
Subdomains

27
IPs

4
Countries

1243 kB
Transfer

3416 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mvn.to/343 HTTP 302
    https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66
  • https://assets.braintreegateway.com/data/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454 HTTP 302
  • https://ssl.kaptcha.com/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454
Request Chain 69
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14 HTTP 302
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14

77 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
act.moveon.org/donate/defeat-maga-nov22-spoke/
Redirect Chain
  • http://mvn.to/343
  • https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
93 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.193.52.57 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-52-57.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
37dfc0f7b15b210e517f32d1e0084c5c0267e706bd2847b1351097b21a59a903

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 05 Jun 2022 20:26:57 GMT
server
openresty
vary
Accept-Encoding Cookie, Origin

Redirect headers

Cache-Control
max-age=0, private, no-store=true, no-cache=true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sun, 05 Jun 2022 20:26:56 GMT
Location
https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Server
Apache
Status
302 Found
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN SAMEORIGIN
X-Request-Id
5b3ad3fa-0308-4120-a406-5814abb9c82e
X-XSS-Protection
1; mode=block
17163910351.js
cdn.optimizely.com/js/ 		285 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/17163910351.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:7100:48e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7588be2e5d93618da7744f5e40394061bb8468239cef61d579ca3488c51608c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
lxg7uJ7bq048o3ampHwWcC_xtr8sExAh
content-encoding
gzip
etag
"23a1d8104f143b2ce75aff284b12d21c"
x-amz-request-id
9D3ZRMSV82F7RTWT
x-amz-server-side-encryption
AES256
x-amz-meta-revision
6051
x-amz-replication-status
COMPLETED
access-control-allow-methods
GET, HEAD
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="18";dur=0,cdnip;desc="2a02:26f0:7100:48e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary
Accept-Encoding
content-length
88243
x-amz-id-2
ErRSSnDUgM+/IwWXXJEBdKPDNHRg8h1aCEVGwgR5EZFNtFo/hESXhmouJoiGBcseVylUREIDI9w=
last-modified
Fri, 03 Jun 2022 17:41:14 GMT
server
AmazonS3
date
Sun, 05 Jun 2022 20:26:58 GMT
access-control-max-age
86400
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
main.css
static.moveon.org/giraffe/styles/ 		226 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.moveon.org/giraffe/styles/main.css?v=20211117
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3400:1e:1a7c:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
026b0cbf68b54b3312b109fdb3d62ecf755bba84c34acb15962f902c01ed6137

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 05:10:53 GMT
content-encoding
gzip
last-modified
Tue, 19 Apr 2022 17:24:45 GMT
server
AmazonS3
age
54966
etag
W/"605198d3ac041c21aa379641eca5dee7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
WumEfAQA2Ty925OYWvy4xSP-Zrlk6wNP6TFXo7mqO7h4u3PI11949Q==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.0/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 02:40:00 GMT
x-content-type-options
nosniff
age
409618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89493
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Jun 2023 02:40:00 GMT
actionkit.js
act.moveon.org/resources/ 		97 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.moveon.org/resources/actionkit.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.193.52.57 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-52-57.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
58841f582350e995cdccb98ea4bd1104d1c82ea7be9afcc724ed4077a6f2c21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:58 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 18:25:56 GMT
server
openresty
etag
W/"6255c434-18557"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 06 Jun 2022 20:26:58 GMT
logo.svg
static.moveon.org/giraffe/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.moveon.org/giraffe/images/logo.svg
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3400:1e:1a7c:ac00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
34bf37e1e36eb11522dc76817741ab078b7d2ec86abdeb410d61c618240ef370

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 03:49:49 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 23:25:21 GMT
server
AmazonS3
age
16735030
etag
W/"0a9a5efcc70bca259bf0a17448bf92be"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 51054083366f59cdc509361d23d873ea.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
XEmRhXybK-Dv_vJWCitqFiWcMHP5GGvZJSSLartFWxt2nPCq67ONUg==
credit_card.png
s3.amazonaws.com/s3.moveon.org/images/ 		236 B
643 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/credit_card.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
04a962a25376d53a60b68f2230d6fea19a99412c0cdeb2ffae8aba45e24bab17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
x-amz-meta-uuid
a04a0944baab46248d0314f992c67113
Server
AmazonS3
x-amz-request-id
A9A2MPKTDCZB2K61
ETag
"90b2a0824cda3ed4d612cbb1b67b2362"
Content-Type
image/png
Last-Modified
Fri, 05 Mar 2021 16:43:26 GMT
Accept-Ranges
bytes
Content-Length
236
x-amz-id-2
EV01/k0CtUzb/DLqTwCLSO7xiG23mVtJDezPMiW6pNNJaBmxx3nN84V6gtp/vaLqhZOY4dKvABs=
Paypal-Logo-transparent.png
s3.amazonaws.com/s3.moveon.org/images/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/Paypal-Logo-transparent.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e9f3b72e2ff1368774532a46a53e7ee05763ffc3ba80f407bf59309e58367a4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
x-amz-meta-uuid
4193d9b342294974b6a94b5d9fb3b8ad
Server
AmazonS3
x-amz-request-id
A9A5G36JH1TBSW7D
ETag
"701c313933f86b30b93fc79eda16c9ea"
Content-Type
image/png
Last-Modified
Thu, 04 Mar 2021 17:55:24 GMT
Accept-Ranges
bytes
Content-Length
60906
x-amz-id-2
M5/zH/QEffB+14B9uIFPEhpOuagmlJ+MmioPAP/X1m99lZx37ZO2+E4pNBuPwfLadeeeWzHQO/o=
apple-pay-white-transparent-bg.png
s3.amazonaws.com/s3.moveon.org/images/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/apple-pay-white-transparent-bg.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
9b4b2d81745a4f115bbd6f15c2cff5a49e8ef425d69a258cbcc0423708f597fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
x-amz-meta-uuid
db5d4076e579453bbdfe550875e43afb
Server
AmazonS3
x-amz-request-id
A9A3GNF25MNA0H25
ETag
"e05b7a45deec3c4ca34a8f8ff0a629e8"
Content-Type
image/png
Last-Modified
Thu, 04 Mar 2021 18:08:46 GMT
Accept-Ranges
bytes
Content-Length
39897
x-amz-id-2
JwdidhurDREE/CGOnxqkQd87udhhY8FdDMaT0SPV4IjPSBdP3mK9HxWZrtfElVIiBmDJXcPWCD0=
lock.png
s3.amazonaws.com/s3.moveon.org/images/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/lock.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b5eb1a7be45c8b7a41e37176c404e11d3481001b989eb75c19c97c10b845fcfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
x-amz-meta-uuid
3cea7deafac44de3af22976ce24116f1
Server
AmazonS3
x-amz-request-id
A9A13GNG5P09RYGR
ETag
"cab100caa4302ba19c9cf59121bd9e42"
Content-Type
image/png
Last-Modified
Fri, 28 May 2021 18:14:04 GMT
Accept-Ranges
bytes
Content-Length
6738
x-amz-id-2
FvTBhEMbPwC40KBUxfgkxO+7Q+piukWDoCW6rQjvr8OCRVcHHbxPkJaFvTRK5sF5xwadr1fgMiQ=
mastercrd_icon.png
s3.amazonaws.com/s3.moveon.org/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/mastercrd_icon.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4dc21f19f65f724cfe70e2ae35b19a2597e25b474c4b8082bf220b10adcfe273

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:26:59 GMT
x-amz-meta-uuid
3961632098224d8b93f19267408dcd45
Server
AmazonS3
x-amz-request-id
6MDKCMYFH7VSHG4G
ETag
"feb5c6626819e02767862d50a09b206b"
Content-Type
image/png
Last-Modified
Tue, 28 Jul 2020 19:45:07 GMT
Accept-Ranges
bytes
Content-Length
21494
x-amz-id-2
sgUo+OefB9fhtARiiEbXujHSBGDT12eTf7r+5EbwnYrUnmb3GOmYcpeli6R22teyzZckEjm0P4Q=
_American_Express-512.png
s3.amazonaws.com/s3.moveon.org/images/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/_American_Express-512.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
8ff118111f3aa3ef4e0bbbb3e6e9741f856b281a3caee6eea58a1af2bb984e48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:26:59 GMT
x-amz-meta-uuid
3f03f244b05144cbb6b46952da052b2f
Server
AmazonS3
x-amz-request-id
6MDQ2PC1W61F9KZT
ETag
"e76e484febb6409dba4d92a471d943d9"
Content-Type
image/png
Last-Modified
Tue, 28 Jul 2020 20:00:25 GMT
Accept-Ranges
bytes
Content-Length
30587
x-amz-id-2
wVqpNSSHPq9tEHBZmAKSA3lAVATpiGbPNRPQN7ry6HCoNmOyzNO3Tfg701aAa7dQWmWbSw5ZqYs=
visa_icon.png
s3.amazonaws.com/s3.moveon.org/images/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/visa_icon.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2071ecabf67f98f342c219c5fa1e2218f63d2823d9d2775c331c5010bf7dea70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:26:59 GMT
x-amz-meta-uuid
1a9b3bf9c7bc4d56b64e05143a43ccd9
Server
AmazonS3
x-amz-request-id
6MDYTBTK1174FAB4
ETag
"7d9ebb97e2e8711b0fde19b3b42b2793"
Content-Type
image/png
Last-Modified
Tue, 28 Jul 2020 19:59:56 GMT
Accept-Ranges
bytes
Content-Length
23950
x-amz-id-2
/+bkelWidoDFVR4a/kLcfDtBMaJ1WbCV7H1kAhWoBosvvnVDRHGpiuUt5MrJcb6KWsuj0c5k0ss=
atm-card-credit-card-debit-card-discover-icon-discover-card-png-512_512.png
s3.amazonaws.com/s3.moveon.org/images/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/atm-card-credit-card-debit-card-discover-icon-discover-card-png-512_512.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7b3e66957de09a4a34474032860c5d21a70bf9e89c554ac9ef0d694d3ec1beb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:26:59 GMT
x-amz-meta-uuid
31cb96cc165343db8e1df9b37b2936ad
Server
AmazonS3
x-amz-request-id
6MDHMMJYQWVJB4RP
ETag
"ab379ea7300f191dbeca90e65acff940"
Content-Type
image/png
Last-Modified
Tue, 28 Jul 2020 20:00:16 GMT
Accept-Ranges
bytes
Content-Length
17875
x-amz-id-2
wkk3gIkZ/wjRiYLEcVBu0mlEJkNY4u4XR9h+hBeNwePDZrKkrykFECL3sN0BHzeU4cF3nBKJpn4=
client.min.js
js.braintreegateway.com/web/3.64.2/js/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.64.2/js/client.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
36feec81cef2bbf149d3043df39f25b342f798ab7dc150e181aa52517b258e24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 14:34:24 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 22:23:44 GMT
server
nginx
age
21154
etag
W/"62914f70-a374"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
-UF0q2lutU8Pc93nYKIRUh2ub3NnLt5ZHY0Gip8YoeNUlc_0O403kQ==
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
expires
Mon, 06 Jun 2022 14:34:24 GMT
hosted-fields.min.js
js.braintreegateway.com/web/3.64.2/js/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.64.2/js/hosted-fields.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
bbb75566e978e55fc0a9d987c82189bffedd0a91230ecd9c2d30520ee69a5d8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 19:59:42 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 22:23:45 GMT
server
nginx
age
1635
etag
W/"62914f71-f82a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ISyKwsdR6OacFxB3PmcC1djzITi_YhtrAsa7RhTXXBuftq1a1xd3xQ==
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
expires
Mon, 06 Jun 2022 19:59:42 GMT
data-collector.min.js
js.braintreegateway.com/web/3.64.2/js/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.64.2/js/data-collector.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
28d9d762bafe99f93c195d4a071a886667390043e1c3e932bd2f6d561507f551

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 18:40:49 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 22:23:43 GMT
server
nginx
age
6369
etag
W/"62914f6f-7b97"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
KCGkqKS5RIXWvMk28a9Bcq4xCVUEvHIGrcWnQIxQCk8WZWa2loqing==
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
expires
Mon, 06 Jun 2022 18:40:49 GMT
apple-pay.min.js
js.braintreegateway.com/web/3.64.2/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.braintreegateway.com/web/3.64.2/js/apple-pay.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-47.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
264393b533d182a87bf0ac38beb995ce991214236de3c77a1a82123836e8d976

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 17:54:16 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 22:23:43 GMT
server
nginx
age
9162
etag
W/"62914f6f-53d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P4
x-amz-cf-id
ILHcexUfj4qnF1z559CwayoAQjb000Tf1hWqPY4e-u2REJBa0_rMkw==
via
1.1 8a6f67a9421de326f43e9107751b580e.cloudfront.net (CloudFront)
expires
Mon, 06 Jun 2022 17:54:16 GMT
ak_braintree_vzero.js
act.moveon.org/resources/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.moveon.org/resources/ak_braintree_vzero.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.193.52.57 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-52-57.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:58 GMT
content-encoding
gzip
last-modified
Tue, 12 Apr 2022 18:25:56 GMT
server
openresty
etag
W/"6255c434-4065"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 06 Jun 2022 20:26:58 GMT
Shield_Icon_grey.png
s3.amazonaws.com/s3.moveon.org/images/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/Shield_Icon_grey.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
de13028b7ce7139f88a57c5825a653e6e7ab15d147d7db886dde3c17ba953aad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
x-amz-meta-uuid
eb9479a9d89e40239e51bb3689d36e21
Server
AmazonS3
x-amz-request-id
A9AF7E7DSX5YVK9V
ETag
"ff81d22bef0e2884932260d349c8df3c"
Content-Type
image/png
Last-Modified
Fri, 31 Jul 2020 19:29:44 GMT
Accept-Ranges
bytes
Content-Length
21130
x-amz-id-2
J5i7XiA1mnA/P1W7WloSspShJbLA1uCJo6qg6iBELavhX+3Jplc/xKxp9WQLFz3WtvrXycxm3OI=
lock_icon_2_grey.png
s3.amazonaws.com/s3.moveon.org/images/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/lock_icon_2_grey.png
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
2c2a7aaef62ab4ea70db9c3156189fe5cf910e70cd3e310da7377c12fe5d64a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:26:59 GMT
x-amz-meta-uuid
f8e9bcae50aa45ada47a282d10ef2bf7
Server
AmazonS3
x-amz-request-id
6MDJ0FPQY4EPN88W
ETag
"139534f1f740f72893f4d81b8c6bf029"
Content-Type
image/png
Last-Modified
Fri, 31 Jul 2020 19:30:05 GMT
Accept-Ranges
bytes
Content-Length
15519
x-amz-id-2
VzuLq9O77shnYWYm1thRmH1bclyoy73HwKRWgp/UXR9MpUmE9GPHLkKNWF4FCdlJNHkm0Qgl+XM=
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.5/js/bootstrap.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
718, 718
age
11357083
cdn-cachedat
2021-04-13 02:50:03
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
f555eecc83d07422a81af3803a9b15cc
cf-ray
716ba573dcc29220-FRA
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
jquery-ui.min.js
code.jquery.com/ui/1.12.1/ 		248 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/ui/1.12.1/jquery-ui.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5

Request headers

Referer
https://act.moveon.org/
Origin
https://act.moveon.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:58 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:54 GMT
server
nginx
etag
W/"611feaca-3dee4"
vary
Accept-Encoding
x-hw
1654460818.dop139.fr8.t,1654460818.cds282.fr8.hn,1654460818.cds151.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
67751
ak-js.min.js
s3.amazonaws.com/actionkit.moveon.org/static/js/ 		27 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/actionkit.moveon.org/static/js/ak-js.min.js?v=202011
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
32aa45ec5c6027194ad5ecce46ecddfd0d4b97556d1c23412eddea16c5ba7b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Last-Modified
Tue, 15 Dec 2020 22:13:44 GMT
Server
AmazonS3
x-amz-request-id
A9A0KF0S7A7G3BA3
ETag
"9809e03001a9ed1a87a6ebf544942289"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
28074
x-amz-id-2
luOP7CL1oCR57hR9vtf5Hq5GeDnqi7HzkQv0I5fp1ydRCI1GtT3dQadyoMtEK73FUiDEudlUG30=
navbar.js
s3.amazonaws.com/actionkit.moveon.org/static/js/ 		351 B
713 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/actionkit.moveon.org/static/js/navbar.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e83b66d853c969251ec2828cdad3c60e7ef296f93a403de19a173725f4f58aea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Last-Modified
Thu, 13 Jul 2017 23:01:18 GMT
Server
AmazonS3
x-amz-request-id
A9A6XVA64G1E3KNJ
ETag
"911c0132f2b0f9f3304495af1290009b"
Content-Type
text/javascript
Accept-Ranges
bytes
Content-Length
351
x-amz-id-2
IHlIbA+1agiNWDkorQDavM/8DHIqwZBF++nsSwe91N7OkxJa7tfBTNnUkZ3KYrX30+0Muh8bvjE=
css
fonts.googleapis.com/ 		8 KB
853 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:400,500,700
Requested by
Host: static.moveon.org
URL: https://static.moveon.org/giraffe/styles/main.css?v=20211117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b67dec0ff2f54bc8ba16b68406cb60508844cea06776d3b6b69aedf1166ebc2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Jun 2022 20:26:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Jun 2022 20:26:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Jun 2022 20:26:58 GMT
css2
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Requested by
Host: static.moveon.org
URL: https://static.moveon.org/giraffe/styles/main.css?v=20211117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Jun 2022 19:20:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Jun 2022 20:26:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Jun 2022 20:26:58 GMT
css2
fonts.googleapis.com/ 		6 KB
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap
Requested by
Host: static.moveon.org
URL: https://static.moveon.org/giraffe/styles/main.css?v=20211117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48f3941ff683ad084b452d3409e9afa51399c151e3a8a3599070f6d58e25d243
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Jun 2022 19:27:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Jun 2022 20:26:58 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Jun 2022 20:26:58 GMT
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
ksWBsm05QxyOr27JrrJHnk9v2mrKdrAzvDNzGAdQUn5m6U3fIcifGgbxr52/g+UDVyzgtFFpn9jEFigOEjW9cQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Sun, 05 Jun 2022 20:26:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.moveon.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 22:15:45 GMT
x-content-type-options
nosniff
age
425473
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 22:15:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.moveon.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 08:45:42 GMT
x-content-type-options
nosniff
age
474076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 08:45:42 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:400,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.moveon.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 19:07:55 GMT
x-content-type-options
nosniff
age
523143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 19:07:55 GMT
a17053551565.html
a17053551565.cdn.optimizely.com/client_storage/ Frame 08C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a17053551565.cdn.optimizely.com/client_storage/a17053551565.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17163910351.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.17.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-17-148.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
2b08943e77b2c9c211f634fec99770606f45d15f1b82640c0265d469f105beb7
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://act.moveon.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
862
content-type
text/html; charset=utf-8
date
Sun, 05 Jun 2022 20:26:58 GMT
etag
"b2f9fc86b9b045479b3aeb6ee40241c8"
last-modified
Fri, 03 Jun 2022 17:41:06 GMT
server
AmazonS3
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="20";dur=0,cdnip;desc="104.89.17.148";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-amz-id-2
yljIioHOEkt4HZvZm2Cdmro+Je+jEl/qdC5c9Ntq3LSooBd4N99jll5XbyigOV+0yC2+yObR3Et4cGsk0TE9ow==
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
AYGRG14E0ZHSB6ZH
x-amz-server-side-encryption
AES256
x-amz-version-id
Q3eg6DWX4QW2aNjbTFUZatnLjafqy07i
checkmark.svg
s3.amazonaws.com/s3.moveon.org/images/ 		314 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/s3.moveon.org/images/checkmark.svg
Requested by
Host: static.moveon.org
URL: https://static.moveon.org/giraffe/styles/main.css?v=20211117
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7187eeee26e547385c5d2ab8758b900ae4436eccabe80fb1455bfb6879e036b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://static.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:26:59 GMT
x-amz-meta-uuid
75bc3ab10c9b4cbd957015c479eda05a
Server
AmazonS3
x-amz-request-id
6MDXPMMW4DKKQWC1
ETag
"b036f06949f79b04626203e616b315bb"
Content-Type
image/svg+xml
Last-Modified
Fri, 05 Mar 2021 16:40:08 GMT
Accept-Ranges
bytes
Content-Length
314
x-amz-id-2
BKbF3YmGzFomh3872uTj718rxzuhI3ragmCb7848nVPAEPIqXqlHy+cqH0WS4ytbd4BPS5kR5Ro=
1631873650442333
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1631873650442333?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1df35b3a05c4491c4d6f119c2c26f84f70259312358a7043ee020a3604dc65df
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
/7bwilgTthrwtOn6dl7hf0yT38f6gkb+/Dx1GoJCYqvUYpR4RbXJeHxL3KUYI0qo0fl9QN2JU8iJH0JNqlfq8A==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 05 Jun 2022 20:26:58 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1654460818976
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
defeat-maga-nov22-spoke
act.moveon.org/context/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.moveon.org/context/defeat-maga-nov22-spoke?callback=actionkit.forms.onContextLoaded&form_name=act&required=email&required=country&required=action_employer&required=action_occupation&required=card_num&r=0.6469613643553735&url=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/resources/actionkit.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.193.52.57 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-52-57.us-west-1.compute.amazonaws.com
Software
openresty /
Resource Hash
5a2f6bbb797226c7616ff3868cdfd1a3505399ffb9950df83751eb9e289e214d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:59 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding, Cookie, Origin
content-type
text/javascript
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.moveon.org
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 31 May 2022 08:45:21 GMT
x-content-type-options
nosniff
age
474097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 May 2023 08:45:21 GMT
758088981253527
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/758088981253527?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a4fb5bb90ebb0daadc23b943342126a08a6b3cf706dcb138b116a7c1f9c17a9e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
hv/u5TeadjfFwwUgp+YXCgWbIMWTGFQM6UN5ZHJPW2O4zT6lW//bmL1eCVSLsSMDFA2u4gqFFwYep769G8RxeA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 05 Jun 2022 20:26:59 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1654460819117
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.min.js
cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/ 		385 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.115.169 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-115-169.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
958f93bba91b34de88f8e7ba8dd8057159848425925550c209d1625cdef1ed9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
s0_3vvKXfkocza9pqGMmQv4y6S9wERCF
content-encoding
br
etag
W/"38be1f536247a305cd50c0783acc9686"
x-amz-cf-pop
FRA56-P5
x-cache
RefreshHit from cloudfront
x-amz-replication-status
COMPLETED
access-control-allow-origin
*
last-modified
Mon, 09 May 2022 22:34:31 GMT
server
AmazonS3
date
Sun, 05 Jun 2022 20:27:00 GMT
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
cache-control
public, max-age=120
x-amz-cf-id
SAaPtg0_3ZUluAgafXpIyeSu_PtePCCZ1AG8AbCMcDLdu0Memt9HgA==
1.js
gxibconi.micpn.com/p/js/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gxibconi.micpn.com/p/js/1.js
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.77.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-77-90.fra2.r.cloudfront.net
Software
/
Resource Hash
45078f6cce4b6e540a4229db58661dc8b157454d03f9df2f0604aabd3f828719

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 05 Jun 2022 20:26:59 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
p3p
policyref="https://movableink.com/w3c/p3p.xml", CP="DEVa PSAa PSDa IVAa IVDa OUR IND DSP NON COR NAV UNI"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control
no-cache max-age=0
timing-allow-origin
https://act.moveon.org
x-amz-cf-id
cJzUAmrn2FjNa8vWIns5KyHBD-3JTCvV_vMSsrYt8djAgyrtSfDh5A==
x-uuid
50e1301a-00db-4ef1-96c0-aa27b85cc1ce
expires
Thu, 01 Dec 1994 16:00:00 GMT
logos.json
s3.amazonaws.com/s3.moveon.org/partner/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/s3.moveon.org/partner/logos.json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.184.237 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
669009d78019adb57f1cae741e5bcbedb306e1f7493d7afb422dbfe801b38f02

Request headers

Accept
*/*
Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Last-Modified
Fri, 16 Jun 2017 17:14:25 GMT
Server
AmazonS3
x-amz-request-id
A9A2PXHVH4S34B4S
ETag
"40ef1804f0b9f4f6a1195d305ecc83d2"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET, POST
Content-Type
binary/octet-stream
Access-Control-Allow-Origin
https://act.moveon.org
Access-Control-Max-Age
3000
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
x-amz-meta-uuid
d8a3b8061bef4939ba00ade0cd8010ac
Content-Length
1780
x-amz-id-2
Of5IuherqnmhV/z1TvqLKXrv2IdPIqeopzaDPdY2UEfVLKVBTr3S+NPewLVRHz+Sn7c8aI25xsE=
graphql
payments.braintree-api.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.122.176.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-176-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,braintree-version,content-type
Access-Control-Request-Method
POST
Origin
https://act.moveon.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
access-control-allow-headers
authorization,braintree-version,content-type
access-control-allow-methods
GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://act.moveon.org
access-control-max-age
1800
date
Sun, 05 Jun 2022 20:26:59 GMT
paypal-debug-id
f5af2cea51864
server
nginx
transfer-encoding
chunked
graphql
payments.braintree-api.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://payments.braintree-api.com/graphql
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/client.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.122.176.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-176-248.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
a50b9692aaf6e38e655c449caab23e80133d0bd79da8de14bebbe26d424df991
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NTQ1NDcyMTcsImp0aSI6IjFmYmYzOTQyLTM2NWItNDUxZS1iZTNhLTZlODg4ZTBhNWNjNyIsInN1YiI6InR3YjR6cXAyNzZiY2RmbmoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6InR3YjR6cXAyNzZiY2RmbmoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnsibWVyY2hhbnRfYWNjb3VudF9pZCI6InBvbGl0aWNhbGFjdGlvbiJ9fQ.Hg7Y8d3SNxkiNXf08XNceIzl0q5N-YnRvGRv85wfXrIfl6vZFFaeg4pVvtm3LwVKvZENfcpwAqmr1VxinLHEmQ
Braintree-Version
2018-05-10
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 05 Jun 2022 20:27:00 GMT
content-encoding
gzip
X-Content-Type-Options
nosniff
server
nginx
X-Frame-Options
DENY
vary
Braintree-Version, Accept-Encoding
Content-Type
application/json
access-control-allow-origin
https://act.moveon.org
Cache-Control
no-cache, no-store
braintree-version
2016-10-07
paypal-debug-id
569f3076cec44
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Content-Length
1203
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1631873650442333&ev=PageView&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&rl=&if=false&ts=1654460819209&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654460819207.630370750&it=1654460818611&coo=false&exp=p0&rqm=GET
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 05 Jun 2022 20:26:59 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=758088981253527&ev=PageView&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&rl=&if=false&ts=1654460819212&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1654460819207.630370750&it=1654460818611&coo=false&exp=p0&rqm=GET
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 05 Jun 2022 20:26:59 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1631873650442333&ev=Microdata&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&rl=&if=false&ts=1654460819712&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%20%7C%20MoveOn.org%22%2C%22meta%3Adescription%22%3A%22Contribute%20to%20MoveOn.org%20Political%20Action%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%22%2C%22og%3Adescription%22%3A%22Contribute%20to%20MoveOn.org%20Political%20Action%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%22%2C%22og%3Asite_name%22%3A%22MoveOn.org%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654460819207.630370750&it=1654460818611&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sun, 05 Jun 2022 20:26:59 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=758088981253527&ev=Microdata&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&rl=&if=false&ts=1654460819713&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%20%7C%20MoveOn.org%22%2C%22meta%3Adescription%22%3A%22Contribute%20to%20MoveOn.org%20Political%20Action%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%22%2C%22og%3Adescription%22%3A%22Contribute%20to%20MoveOn.org%20Political%20Action%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%22%2C%22og%3Asite_name%22%3A%22MoveOn.org%22%2C%22og%3Atype%22%3A%22article%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1654460819207.630370750&it=1654460818611&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: act.moveon.org
URL: https://act.moveon.org/donate/defeat-maga-nov22-spoke/?id_donation_type_recurring=recurring&suggested_ask=7&source=2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:26:59 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sun, 05 Jun 2022 20:26:59 GMT
events
logx.optimizely.com/v1/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17163910351.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.243.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-243-85.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://act.moveon.org
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
e78968f2-0340-44b3-ac97-cb9304366d9d
gtm.js
www.googletagmanager.com/ 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WBC8W2D&l=dataLayer
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
95ff672bdada70b1108cb13da5fbe3e1b2ed7da5c3c59aca6004a6faad000a5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:27:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74565
x-xss-protection
0
last-modified
Sun, 05 Jun 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 Jun 2022 20:27:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
471
date
Sun, 05 Jun 2022 20:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 05 Jun 2022 22:19:08 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 19:30:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 05 Jun 2022 20:30:36 GMT
p
api.segment.io/v1/ 		21 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/vE6nVaSzhGHcNip5aRHjd8f0XS8vcXVN/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.108.48 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-10-108-48.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://act.moveon.org
date
Sun, 05 Jun 2022 20:27:00 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WBC8W2D&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
472
date
Sun, 05 Jun 2022 20:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 05 Jun 2022 22:19:08 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=16024216&t=pageview&_s=1&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26utm_source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&dp=%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&ul=en-us&de=UTF-8&dt=Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%20%7C%20MoveOn.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=1959754471&gjid=1625068977&cid=270403883.1654460820&tid=UA-219336-2&_gid=1559360778.1654460820&_r=1&_slc=1&z=1507429530
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Jun 2022 20:27:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.moveon.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=16024216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&ul=en-us&de=UTF-8&dt=Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%20%7C%20MoveOn.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=25%25&ev=25&_u=aGDAAEAjAAAAAC~&jid=1941414171&gjid=1595787172&cid=270403883.1654460820&tid=UA-219336-2&_gid=1559360778.1654460820&_r=1&gtm=2wg610WBC8W2D&z=458430161
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 05 Jun 2022 20:27:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://act.moveon.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=16024216&t=event&ni=1&_s=1&dl=https%3A%2F%2Fact.moveon.org%2Fdonate%2Fdefeat-maga-nov22-spoke%2F%3Fid_donation_type_recurring%3Drecurring%26suggested_ask%3D7%26source%3D2022.06.02.pac.fr.defeat.maga.nov22.Spoke.B.K&ul=en-us&de=UTF-8&dt=Power%20MoveOn%27s%20democracy-saving%20plan%20to%20defeat%20MAGA%20candidates%20for%20secretary%20of%20state%20and%20Congress%20%7C%20MoveOn.org&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll&ea=50%25&ev=50&_u=aGDAAEAjAAAAAC~&jid=&gjid=&cid=270403883.1654460820&tid=UA-219336-2&_gid=1559360778.1654460820&gtm=2wg610WBC8W2D&z=1982790624
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Jun 2022 20:53:41 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
84799
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219336-2&cid=270403883.1654460820&jid=1959754471&gjid=1625068977&_gid=1559360778.1654460820&_u=aGBAAEAiAAAAAC~&z=54045486
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 05 Jun 2022 20:27:00 GMT
content-type
text/plain
access-control-allow-origin
https://act.moveon.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-219336-2&cid=270403883.1654460820&jid=1941414171&gjid=1595787172&_gid=1559360778.1654460820&_u=aGDAAEAjAAAAAC~&z=443286125
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 05 Jun 2022 20:27:00 GMT
content-type
text/plain
access-control-allow-origin
https://act.moveon.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://act.moveon.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.moveon.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://act.moveon.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.moveon.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/client.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.moveon.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/client.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.moveon.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://act.moveon.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.moveon.org
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/client.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://act.moveon.org
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
fb.js
c.paypal.com/da/r/ 		56 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/data-collector.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
950655
x-cache
MISS, HIT, HIT
paypal-debug-id
13276f56e7019
x-cache-hits
0, 1, 2388590
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19372
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10049-SJC, cache-hhn4021-HHN, cache-hhn4027-HHN
last-modified
Wed, 25 May 2022 18:45:26 GMT
x-timer
S1654460821.852915,VS0,VE1
etag
W/"628e7946-dec7"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jun 2022 20:27:00 GMT
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.64.2/html/ Frame B36B 		121 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.64.2/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/hosted-fields.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-31.osl50.r.cloudfront.net
Software
nginx /
Resource Hash
557f656f0448e25f0484969e3873dc74bc82de5e52a94c8acecdca2452cc1281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://act.moveon.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63428
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 05 Jun 2022 02:49:52 GMT
etag
W/"62914f71-1e3ff"
expires
Mon, 06 Jun 2022 02:49:52 GMT
last-modified
Fri, 27 May 2022 22:23:45 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-id
AghZtU7Ggok2PdSP0PoagC2O7HhtWuGWlOlbOXLGWLqs2viB5FVSdA==
x-amz-cf-pop
OSL50-C1
x-cache
Hit from cloudfront
hosted-fields-frame.min.html
assets.braintreegateway.com/web/3.64.2/html/ Frame 61AB 		121 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.braintreegateway.com/web/3.64.2/html/hosted-fields-frame.min.html
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/hosted-fields.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.55.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-55-31.osl50.r.cloudfront.net
Software
nginx /
Resource Hash
557f656f0448e25f0484969e3873dc74bc82de5e52a94c8acecdca2452cc1281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://act.moveon.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63428
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 05 Jun 2022 02:49:52 GMT
etag
W/"62914f71-1e3ff"
expires
Mon, 06 Jun 2022 02:49:52 GMT
last-modified
Fri, 27 May 2022 22:23:45 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-id
dgkSSrP_dnL7El3Bwusj0APyex3CduDVLIAqPrUbmgomFe8M1jJY1Q==
x-amz-cf-pop
OSL50-C1
x-cache
Hit from cloudfront
logo.htm
ssl.kaptcha.com/ Frame 6DE0
Redirect Chain
  • https://assets.braintreegateway.com/data/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454
  • https://ssl.kaptcha.com/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454
41 B
366 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssl.kaptcha.com/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454
Requested by
Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.64.2/js/data-collector.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
35.80.101.90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-80-101-90.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache no-store must-revalidate private
Content-Length
41
Content-Type
text/html
Date
Sun, 05 Jun 2022 20:27:01 GMT
Expires
0
Pragma
no-cache
X-Correlation-Id
1c0716df-f7ad-48c6-9254-de05dc63eea9

Redirect headers

cache-control
max-age=86400
content-length
154
content-type
text/html
date
Sun, 05 Jun 2022 20:27:01 GMT
expires
Mon, 06 Jun 2022 20:27:01 GMT
location
https://ssl.kaptcha.com/logo.htm?m=null&s=d8467dde60ebcc99d45eaa9e50840454
server
nginx
strict-transport-security
max-age=31536000
via
1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-id
MI-FcbzjNlpTHctr_HNQ8AH0NZQI5602hJ1ETz2c8UizRJ2bIiQmCQ==
x-amz-cf-pop
OSL50-C1
x-cache
Miss from cloudfront
events
logx.optimizely.com/v1/ 		0
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/17163910351.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.243.85 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-243-85.compute-1.amazonaws.com
Software
nginx/1.21.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://act.moveon.org/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx/1.21.0
Content-Type
text/plain
Access-Control-Allow-Origin
https://act.moveon.org
Access-Control-Expose-Headers
X-Results-Data-Source
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
X-Request-Id
0acb97c4-0877-4801-923d-52ea49d73362
i
c.paypal.com/v1/r/d/ Frame 9097 		160 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.moveon.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
cache-control
max-age=0, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type
text/html;charset=UTF-8
correlation-id
61108976401b6
date
Sun, 05 Jun 2022 20:27:01 GMT
paypal-debug-id
61108976401b6
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security
max-age=63072000; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-content-type-options
nosniff
x-served-by
cache-hhn4027-HHN
x-timer
S1654460821.898527,VS0,VE141
x-xss-protection
1; mode=block
counter2.cgi
dub.stats.paypal.com/ Frame EFDF
Redirect Chain
  • https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14
  • https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14
Protocol
HTTP/1.1
Server
64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software
PayPal-B.Stats/1.0 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://act.moveon.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Sun, 05 Jun 2022 20:27:01 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
42
Content-Type
image/jpeg

Redirect headers

Location
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=89b1628db21af8204cf3a15afdad5153&t=1654460820.57&a=14
Date
Sun, 05 Jun 2022 20:27:01 GMT
Server
PayPal-B.Stats/1.0
Connection
close
Content-Length
0
Content-Type
application/octet-stream
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ Frame B36B 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Requested by
Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.64.2/html/hosted-fields-frame.min.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://assets.braintreegateway.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Connection
keep-alive
Access-Control-Allow-Headers
Content-Length
0
twb4zqp276bcdfnj
client-analytics.braintreegateway.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://client-analytics.braintreegateway.com/twb4zqp276bcdfnj
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.29.134 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-29-134.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://assets.braintreegateway.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
https://assets.braintreegateway.com
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
0
Date
Sun, 05 Jun 2022 20:27:00 GMT
Server
nginx
fb.js
c.paypal.com/da/r/ Frame 9097 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/da/r/fb.js
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
950656
x-cache
MISS, HIT, HIT
paypal-debug-id
13276f56e7019
x-cache-hits
0, 1, 2388591
access-control-allow-methods
GET
server-timing
content-encoding;desc="gzip",x-cdn;desc="fastly"
dc
ccg11-origin-www-1.paypal.com
vary
Accept-Encoding
content-length
19372
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-served-by
cache-sjc10049-SJC, cache-hhn4021-HHN, cache-hhn4027-HHN
last-modified
Wed, 25 May 2022 18:45:26 GMT
x-timer
S1654460821.069936,VS0,VE2
etag
W/"628e7946-dec7"
access-control-max-age
86400
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
s-maxage=31536000, public,max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 06 Jun 2022 20:27:01 GMT
p1
c.paypal.com/v1/r/d/b/ Frame 9097 		125 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/p1
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b5adc90b253d8a76beed888fa0846fe46d3ca49faf5cc9a971fbc9997a51544
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

timing-allow-origin
*
date
Sun, 05 Jun 2022 20:27:01 GMT
via
1.1 varnish
correlation-id
2494ac1e0fcd7
x-served-by
cache-hhn4027-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
p3p
policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id
2494ac1e0fcd7
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
content-type
application/json
content-length
125
x-cache-hits
0
e
c.paypal.com/v1/r/d/b/ Frame 9097 		15 B
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.paypal.com/v1/r/d/b/e
Requested by
Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.35 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 05 Jun 2022 20:27:01 GMT
via
1.1 varnish
correlation-id
5c37229d0f293
x-served-by
cache-hhn4027-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
content-type
application/json
paypal-debug-id
5c37229d0f293
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
15
x-cache-hits
0
p3
c6.paypal.com/v1/r/d/b/ Frame 9097 		0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c6.paypal.com/v1/r/d/b/p3?f=89b1628db21af8204cf3a15afdad5153&s=BRAINTREE_SIGNIN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::291 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://c.paypal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 20:27:01 GMT
via
1.1 varnish
correlation-id
a715bec8d2f0c
x-timer
S1654460821.491598,VS0,VE181
x-served-by
cache-hhn4024-HHN
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-cache
MISS
paypal-debug-id
a715bec8d2f0c
cache-control
max-age=0, no-cache, no-store, must-revalidate
server-timing
content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges
bytes
timing-allow-origin
*
content-length
0
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| startTime undefined| _ object| optimizely string| akid function| getUrlVars string| suggestedDonation function| $ function| jQuery object| actionkit function| country_change function| actionkit_recaptcha_loaded function| actionkit_recaptcha_completed function| tmpl function| $ak function| fbq function| _fbq object| actionkitFormReadyEvent undefined| doesnt_bubble undefined| isnt_cancelable function| mo_validate function| mo_forms_onContextLoaded function| unesc object| pair object| braintree boolean| weekly boolean| weeklyLayoutOptions object| match string| suggestedAsk undefined| weeklyAmountUrlVar function| ach_validation function| actionkitBeforeValidation function| ak_recurring_change_address function| ak_recurring_change_amount function| ak_recurring_change_card function| calculateWeeklyAmount function| candidateInputsFormat function| candidatesTotalUpdate function| calculateDenominator function| clearAll function| clearInputs function| clearRadioButtons function| confirmLargeDonation function| countryChange function| currencyValue function| customizeSplit function| disable_invisibles function| fillSplitValueForAmountOther function| fillSplitValueForCandidates function| inputsTotal function| productsTotalUpdate function| removeCreditCardRequirement function| resetWeeklyAmounts function| shippingCountryChange function| split function| stopEnter function| submit_paypal function| syncToShipping function| toggleRecurring function| toggleShipping function| toggleWeeklyCheckbox function| updateCandidateSplit function| updateExpirationDate function| updateSplitTotal function| updateTotal function| validateAmountInput function| valid_bank_account_number function| valid_bank_routing_number function| validate_business_name function| valueOfAmount function| submitPaypal undefined| profile_id undefined| actualWeeklyAmount string| key function| esc function| toggleAll function| handleListChanged function| showEmailForm function| handleJumpLink function| confirmSubmit function| setFormAction function| validateRoster function| confirmRoster function| toggleRow function| updateConfirmationMessage function| shuffle function| shuffleQuestions function| makeFormButton function| checkViewable function| isScrolledIntoView object| EmailSuggestion object| Kicksend string| SMS_SUBSCRIBE_DIV function| mobilePhoneUpdate function| phoneFieldStorage object| jsErrors function| MoveOnActionkitBeforeValidation boolean| recordedOrderCompleted string| optimizelyId string| segmentAkid object| analytics string| MovableInkTrack function| mitr string| sourceCode object| pageForm object| passedParams object| dataLayer string| GoogleAnalyticsObject function| ga function| normalize object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| PAYPAL object| hosted_fields_instance

11 Cookies

Domain/Path Name / Value
mvn.to/ Name: _mkra_stck
Value: 1e186aea00c2f470c0c6aa638deb699c%3A1654460823.8522573
.moveon.org/ Name: optimizelyEndUserId
Value: oeu1654460818756r0.16581782441917503
.moveon.org/ Name: _fbp
Value: fb.1.1654460819207.630370750
.moveon.org/ Name: _ga
Value: GA1.2.270403883.1654460820
.moveon.org/ Name: _gid
Value: GA1.2.1559360778.1654460820
.moveon.org/ Name: ajs_anonymous_id
Value: %221fe60113-b457-4e2c-a910-acb78665aa17%22
.moveon.org/ Name: _gcl_au
Value: 1.1.1290476377.1654460820
.moveon.org/ Name: _gat
Value: 1
.moveon.org/ Name: _gat_UA-219336-2
Value: 1
.c.paypal.com/ Name: sc_f
Value: iKXaldtcimY8lbllWZpTmL41EsRP6WrcBXPG-w_HHpHRRt5O14KaPWbzKBKlovcHVoiWz-6HdAbm36-ii_MNqH7J_p29OpXHp9eQMG
.paypal.com/ Name: KHcl0EuY7AKSMgfvHl7J5E7hPtK
Value: 79e5YWs5Ul6ThJynEpNRE_zXA4mtL3uA6Up6qzGK_jvjqdL6Qq1j2FkLRG-C--3FKS67MYV29VJlcTpw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a17053551565.cdn.optimizely.com
act.moveon.org
ajax.googleapis.com
api.segment.io
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdn.optimizely.com
cdn.segment.com
client-analytics.braintreegateway.com
code.jquery.com
connect.facebook.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
gxibconi.micpn.com
js.braintreegateway.com
logx.optimizely.com
maxcdn.bootstrapcdn.com
mvn.to
payments.braintree-api.com
s3.amazonaws.com
ssl.kaptcha.com
static.moveon.org
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.89.17.148
13.225.77.90
143.204.55.31
151.101.1.35
18.66.115.169
2001:4de0:ac18::1:a:3b
2600:9000:2182:3400:1e:1a7c:ac00:93a1
2606:4700::6812:bcf
2a00:1450:4001:801::2008
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c1b::9c
2a02:26f0:7100:48e::13b8
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:200::291
3.122.176.248
35.80.101.90
44.193.187.112
52.10.108.48
52.216.184.237
52.222.236.47
52.29.29.134
54.193.52.57
54.84.243.85
64.4.245.84
026b0cbf68b54b3312b109fdb3d62ecf755bba84c34acb15962f902c01ed6137
04a962a25376d53a60b68f2230d6fea19a99412c0cdeb2ffae8aba45e24bab17
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1df35b3a05c4491c4d6f119c2c26f84f70259312358a7043ee020a3604dc65df
2071ecabf67f98f342c219c5fa1e2218f63d2823d9d2775c331c5010bf7dea70
264393b533d182a87bf0ac38beb995ce991214236de3c77a1a82123836e8d976
28d9d762bafe99f93c195d4a071a886667390043e1c3e932bd2f6d561507f551
2b08943e77b2c9c211f634fec99770606f45d15f1b82640c0265d469f105beb7
2c2a7aaef62ab4ea70db9c3156189fe5cf910e70cd3e310da7377c12fe5d64a2
32aa45ec5c6027194ad5ecce46ecddfd0d4b97556d1c23412eddea16c5ba7b3a
34bf37e1e36eb11522dc76817741ab078b7d2ec86abdeb410d61c618240ef370
36feec81cef2bbf149d3043df39f25b342f798ab7dc150e181aa52517b258e24
37dfc0f7b15b210e517f32d1e0084c5c0267e706bd2847b1351097b21a59a903
45078f6cce4b6e540a4229db58661dc8b157454d03f9df2f0604aabd3f828719
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48f3941ff683ad084b452d3409e9afa51399c151e3a8a3599070f6d58e25d243
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4dc21f19f65f724cfe70e2ae35b19a2597e25b474c4b8082bf220b10adcfe273
557f656f0448e25f0484969e3873dc74bc82de5e52a94c8acecdca2452cc1281
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
58841f582350e995cdccb98ea4bd1104d1c82ea7be9afcc724ed4077a6f2c21b
5a2f6bbb797226c7616ff3868cdfd1a3505399ffb9950df83751eb9e289e214d
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
669009d78019adb57f1cae741e5bcbedb306e1f7493d7afb422dbfe801b38f02
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b5adc90b253d8a76beed888fa0846fe46d3ca49faf5cc9a971fbc9997a51544
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7187eeee26e547385c5d2ab8758b900ae4436eccabe80fb1455bfb6879e036b0
7b3e66957de09a4a34474032860c5d21a70bf9e89c554ac9ef0d694d3ec1beb6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ff118111f3aa3ef4e0bbbb3e6e9741f856b281a3caee6eea58a1af2bb984e48
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
958f93bba91b34de88f8e7ba8dd8057159848425925550c209d1625cdef1ed9e
95ff672bdada70b1108cb13da5fbe3e1b2ed7da5c3c59aca6004a6faad000a5d
9b4b2d81745a4f115bbd6f15c2cff5a49e8ef425d69a258cbcc0423708f597fd
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4fb5bb90ebb0daadc23b943342126a08a6b3cf706dcb138b116a7c1f9c17a9e
a50b9692aaf6e38e655c449caab23e80133d0bd79da8de14bebbe26d424df991
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf
b5eb1a7be45c8b7a41e37176c404e11d3481001b989eb75c19c97c10b845fcfa
b67dec0ff2f54bc8ba16b68406cb60508844cea06776d3b6b69aedf1166ebc2d
b7588be2e5d93618da7744f5e40394061bb8468239cef61d579ca3488c51608c
ba2422aceabae696a1acc59a14f99a4f251bae79032b4d603cd4e1493f74da0f
bbb75566e978e55fc0a9d987c82189bffedd0a91230ecd9c2d30520ee69a5d8b
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
d44c1f2a6531d774fda6e6eba865f1ba8aed10f372fe97f395895a8a1e1fa2a5
de13028b7ce7139f88a57c5825a653e6e7ab15d147d7db886dde3c17ba953aad
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e83b66d853c969251ec2828cdad3c60e7ef296f93a403de19a173725f4f58aea
e9f3b72e2ff1368774532a46a53e7ee05763ffc3ba80f407bf59309e58367a4c
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615