urlscan.io logo urlscan.io
SecurityTrails logo

secure.wickerforsenate.com Open in urlscan Pro
2606:4700:10::6814:543  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://secure.wickerforsenate.com/
Effective URL: https://secure.wickerforsenate.com/donate_home
Submission: On June 08 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 15 domains to perform 66 HTTP transactions. The main IP is 2606:4700:10::6814:543, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.wickerforsenate.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time secure.wickerforsenate.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

8    2606:4700:10::6814:543 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.wickerforsenate.com
13    52.222.174.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-174-50.cdg50.r.cloudfront.net
js.stripe.com
2    2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    65.9.66.103 (United States)

ASN16509 (AMAZON-02, US)
d35ligi1n5bgzc.cloudfront.net
4    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
www.googleadservices.com
3    142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net
6739201.fls.doubleclick.net
1    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2600:9000:218c:e000:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)
m.stripe.network
4    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
11    54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com
q.stripe.com
3    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.210.60.230 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-60-230.us-west-2.compute.amazonaws.com
m.stripe.com
Domain Requested by
13 js.stripe.com secure.wickerforsenate.com
js.stripe.com
11 q.stripe.com js.stripe.com
secure.wickerforsenate.com
8 secure.wickerforsenate.com 1 redirects secure.wickerforsenate.com
4 www.google.de secure.wickerforsenate.com
www.googleadservices.com
4 www.google.com 1 redirects secure.wickerforsenate.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
secure.wickerforsenate.com
3 6739201.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
3 www.googleadservices.com www.googletagmanager.com
6739201.fls.doubleclick.net
www.googleadservices.com
2 analytics.twitter.com platform.twitter.com
2 www.facebook.com secure.wickerforsenate.com
2 t.co secure.wickerforsenate.com
2 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
2 m.stripe.network js.stripe.com
m.stripe.network
2 stats.g.doubleclick.net www.google-analytics.com
2 connect.facebook.net secure.wickerforsenate.com
connect.facebook.net
2 www.googletagmanager.com secure.wickerforsenate.com
1 m.stripe.com m.stripe.network
1 adservice.google.de 1 redirects
1 adservice.google.com 6739201.fls.doubleclick.net
1 static.ads-twitter.com secure.wickerforsenate.com
1 platform.twitter.com 1 redirects
1 d35ligi1n5bgzc.cloudfront.net secure.wickerforsenate.com
66 22

This site contains links to these domains. Also see Links.

Domain
revv.co
support.revv.co
Subject Issuer Validity Valid
secure.wickerforsenate.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2021-04-14 -
2021-08-04		 4 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2020-08-14 -
2021-08-19		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-05-10 -
2021-08-02		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.stripe.com
DigiCert SHA2 Secure Server CA		 2021-01-12 -
2021-09-29		 9 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-05-17 -
2021-08-09		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
m.stripe.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-16 -
2021-08-04		 4 months crt.sh

This page contains 9 frames:

Primary Page: https://secure.wickerforsenate.com/donate_home
Frame ID: 4F105988D0B0AAEC8978E6F060BCE86E
Requests: 35 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
Frame ID: F1F955E88F3316A2467FFAE739F74CE3
Requests: 2 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Frame ID: C6CC5ACC739B41B0A6A76664E4FEC34A
Requests: 14 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
Frame ID: 9949DF1B48162314822DF5BF2EDEC609
Requests: 6 HTTP requests in this frame

Frame: https://6739201.fls.doubleclick.net/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Frame ID: 492A8B4B29CC5465B7B602FF598FA698
Requests: 1 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: C66BB01C5EB36CFDD7F8DF693882ED9C
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Frame ID: 9841EE112B4D7652F0638FE290F422CC
Requests: 1 HTTP requests in this frame

Frame: https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Frame ID: 35EBBF080E078A84CD936AB1CD8DA5F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.de/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8c-_YLeiEcze7gOS-4jYDA&cid=CAQSKQCNIrLMzb8YoKn8NRbgw2NEFJoMuuR-zNurHOf7kF2ZgrJzr938nsPH&random=3880073094&resp=GooglemKTybQhCsO&ipr=y
Frame ID: A0CCC0C1A145EED94E36509BBD37B53A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://secure.wickerforsenate.com/ HTTP 302
    https://secure.wickerforsenate.com/donate_home Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • script /js\.stripe\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

66
Requests

100 %
HTTPS

57 %
IPv6

15
Domains

22
Subdomains

20
IPs

3
Countries

1731 kB
Transfer

3799 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://secure.wickerforsenate.com/ HTTP 302
    https://secure.wickerforsenate.com/donate_home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14
  • https://6739201.fls.doubleclick.net/activityi;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home HTTP 302
  • https://6739201.fls.doubleclick.net/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Request Chain 15
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 53
  • https://adservice.google.de/ddm/fls/i/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home HTTP 302
  • https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=8c-_YLeiEcze7gOS-4jYDA&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8c-_YLeiEcze7gOS-4jYDA&cid=CAQSKQCNIrLMzb8YoKn8NRbgw2NEFJoMuuR-zNurHOf7kF2ZgrJzr938nsPH&random=3880073094&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8c-_YLeiEcze7gOS-4jYDA&cid=CAQSKQCNIrLMzb8YoKn8NRbgw2NEFJoMuuR-zNurHOf7kF2ZgrJzr938nsPH&random=3880073094&resp=GooglemKTybQhCsO&ipr=y

66 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request donate_home
secure.wickerforsenate.com/
Redirect Chain
  • https://secure.wickerforsenate.com/
  • https://secure.wickerforsenate.com/donate_home
26 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf5b9a33cee7a8e74bb619189b2ef549048349899db87c464823bff20b6d4e5f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.wickerforsenate.com
:scheme
https
:path
/donate_home
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:42 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache
Hit from Revv
set-cookie
_revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c; domain=.wickerforsenate.com; path=/; HttpOnly; Secure; SameSite=None; Secure; Secure
x-request-id
b98045be-72ef-4210-847e-53244bbbd5d0
x-runtime
0.028624
x-rack-cors
miss; no-origin
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0a8edd54990000d6fd5b198000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
65c4cb34284dd6fd-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Tue, 08 Jun 2021 20:15:42 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
location
https://secure.wickerforsenate.com/donate_home
cache-control
no-cache
x-request-id
3f2724ba-cb7d-4bec-9a2c-642f32566518
x-runtime
0.015375
x-rack-cors
miss; no-origin
strict-transport-security
max-age=0; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
cf-request-id
0a8edd539e0000d72598197000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; path=/; expires=Tue, 08-Jun-21 20:45:42 GMT; domain=.secure.wickerforsenate.com; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
65c4cb328f5ad725-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
/
js.stripe.com/v3/ 		223 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58786da73a5c0008ca3fa1172dea6cd974b2ef74d73a9563279e5b4dac2a0794
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:10 GMT
content-encoding
gzip
vary
Accept-Encoding
age
34
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
9N3464BC7JX1YPXJ
x-amz-id-2
sY9JpwANA11Blr80iZWl180J06JpRB6FtMqyBYg7op0wuc34uYFefFZ/DKMpD/nM2KOt6kdJzTk=
last-modified
Tue, 08 Jun 2021 19:51:32 GMT
server
AmazonS3
etag
W/"a0ec6c6d9980d7cd1bf3cdcf419e4ac5"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
eHvqmhAohJt4fEdFVgmuKn5xarPpH6tV8K5vil4M7K8vRw_NNmuZAg==
landing_page-01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867.css
secure.wickerforsenate.com/assets/ 		220 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/assets/landing_page-01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867.css
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/landing_page-01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867.css
pragma
no-cache
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; _revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
secure.wickerforsenate.com
referer
https://secure.wickerforsenate.com/donate_home
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
V5BD0FNX1WFRF90N
content-type
text/css
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
8h+CWfbNwOwDBIJNvQz5QHEq+OO6V52DRRNvRJqxtLfD7oL9C4Sy+6yb9rEhRJdL57ecekheNbM=
last-modified
Tue, 18 May 2021 17:51:49 GMT
server
cloudflare
etag
W/"83b9ced6f765bca43c1827ffd55511ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
HNeX6JudiKf3_01i3ey6sCZHkMR0rQkb
cache-control
public, max-age=14400
cf-request-id
0a8edd55890000d6fd03bc2000000001
cf-ray
65c4cb35ab0fd6fd-FRA
expires
Wed, 09 Jun 2021 00:15:43 GMT
1550001740.css
secure.wickerforsenate.com/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/1550001740.css
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b60533417c54fcd645338f7812922c65a5194e2702b1bd7a9898769a7350b5f2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/1550001740.css
pragma
no-cache
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; _revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
secure.wickerforsenate.com
referer
https://secure.wickerforsenate.com/donate_home
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rack-cors
miss; no-origin
date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-xss-protection
1; mode=block
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a8edd55890000d6fd5f816000000001
x-request-id
cef2f6da-a515-4393-9354-15bf5eb210b6
x-runtime
0.030630
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=31556952
cf-ray
65c4cb35ab12d6fd-FRA
expires
Thu, 09 Jun 2022 02:04:55 GMT
application-landing-page-f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916.js
secure.wickerforsenate.com/assets/ 		601 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/assets/application-landing-page-f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/application-landing-page-f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916.js
pragma
no-cache
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; _revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.wickerforsenate.com
referer
https://secure.wickerforsenate.com/donate_home
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
V5B7T92TND42GP3H
content-type
application/javascript
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-id-2
UMn9x3taRiDiN/SOdf4UwUNTI3D3nV2IwqnU4v6vRtK4EnvvnhxAN1mfn6yV3/n11rMR9flfO3E=
last-modified
Tue, 18 May 2021 17:51:48 GMT
server
cloudflare
etag
W/"b920dbe150ad71a50872c956a1e6e082"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
br7l_G0smrRnSQocT81Ny85boLQz3K8f
cache-control
public, max-age=14400
cf-request-id
0a8edd558a0000d6fd4dae4000000001
cf-ray
65c4cb35ab13d6fd-FRA
expires
Wed, 09 Jun 2021 00:15:43 GMT
api.js
secure.wickerforsenate.com/cdn-cgi/bm/cv/669835187/ 		35 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/cdn-cgi/bm/cv/669835187/api.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/cdn-cgi/bm/cv/669835187/api.js
pragma
no-cache
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; _revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
secure.wickerforsenate.com
referer
https://secure.wickerforsenate.com/donate_home
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
content-type
text/javascript
vary
Accept-Encoding
cache-control
max-age=604800, public
cf-ray
65c4cb373e39d6fd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a8edd56840000d6fdfda46000000001
revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
secure.wickerforsenate.com/assets/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.wickerforsenate.com/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
pragma
no-cache
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; _revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
secure.wickerforsenate.com
referer
https://secure.wickerforsenate.com/donate_home
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-amz-request-id
V5BEW5K0HATRK14A
content-type
image/png
strict-transport-security
max-age=0; includeSubDomains
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2844
x-amz-id-2
ZjQW+HQs9puK6pbRDQFRFlSxuarQ9ha40DDYwY2N1HxvAAXKHvqY4xTcpfT35gRSAQSMyjrn4Xo=
last-modified
Tue, 18 May 2021 17:51:50 GMT
server
cloudflare
etag
"0bdbab7164f21196bc848a313a9e20e6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
eLWyPimRszKy3VN2Kg4xoB5zPb.T9Iuv
cache-control
public, max-age=14400
cf-request-id
0a8edd56960000d6fd05971000000001
accept-ranges
bytes
cf-ray
65c4cb375e72d6fd-FRA
expires
Wed, 09 Jun 2021 00:15:43 GMT
gtm.js
www.googletagmanager.com/ 		204 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68d4fdfcdfbef44eba4edec2e37b8d7382e07903473a5f6f61f4653b291e4204
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50138
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 19:12:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Jun 2021 20:15:43 GMT
gtm.js
www.googletagmanager.com/ 		94 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f013db889bc2c603380d1e42d5ad5ace641f07debb0184cfb04f167bc8f667b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36547
x-xss-protection
0
last-modified
Tue, 08 Jun 2021 19:12:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 08 Jun 2021 20:15:43 GMT
Wicker_mockup_donation7.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/001/180/large/ 		947 KB
948 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/001/180/large/Wicker_mockup_donation7.png
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/stylesheets/rv_page_9oCTUJnmWVWo3p4LraRz8Qjf/1550001740.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bc73dc88529fe1803a390b4d66a92a61c43de7da69d362ae1a8b550a4a1e0f5

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:44 GMT
via
1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
last-modified
Thu, 23 Nov 2017 14:13:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"b37c685d8fbdd7d6a47a69d045471117"
x-cache
Miss from cloudfront
x-amz-version-id
rHm9o3YP5rd_rgwLd4E0HoM6sA9di4jq
accept-ranges
bytes
content-type
image/png
content-length
969454
x-amz-cf-id
gBvfIgArOrTp3AinFXP-B2BFL7vvxOB7wk_Wda7cG5pCcD-gAweFRw==
m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
js.stripe.com/v3/ Frame F1F9 		215 B
953 B 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
544e7b0ddaba3404a327d068cfca2f3000e385102c042323909c636cf6bdca0e
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.wickerforsenate.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.wickerforsenate.com/

Response headers

content-type
text/html; charset=utf-8
content-length
215
x-amz-id-2
03dQFm4+UbBACgmPudFBE92JpJKOCfSrvT0R/UGilws7KjUx6BUudSKbqSt9n/KflCuduHxL+rk=
x-amz-request-id
63Z47SF1EP7XPFCE
last-modified
Tue, 01 Jun 2021 22:25:38 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date
Tue, 08 Jun 2021 20:14:29 GMT
cache-control
public, max-age=300
etag
"ff599b5032b79ea1f89ba5416bea26e6"
x-cache
Hit from cloudfront
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
cSHhzFt0Qj4tTqdx8bQm70JPubWPEBI0uaCx1aZ_z4Kg2heMkGKkYQ==
age
75
controller-ad953f1e8fd38b919d7193db32b4dfb3.html
js.stripe.com/v3/ Frame C6CC 		299 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
928313ff7017ce5ab462309732925267e12e333daf2bc9cb0039fd0129e2e3bd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.wickerforsenate.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.wickerforsenate.com/

Response headers

content-type
text/html; charset=utf-8
content-length
299
x-amz-id-2
nN9evVo8Ow/87qSEquU8sOofB2VaZtSj9/cGAFMikYPlzRVmIfXHVDWS9eb2sSXK7GfUoCHHyWM=
x-amz-request-id
CZY50BWG8BAF3QW6
last-modified
Tue, 08 Jun 2021 19:28:51 GMT
accept-ranges
bytes
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
date
Tue, 08 Jun 2021 20:15:17 GMT
cache-control
public, max-age=300
etag
"ad953f1e8fd38b919d7193db32b4dfb3"
x-cache
Hit from cloudfront
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
B2JJD7qLi_9m_AQW0UV2aArtCLw9xTf_clCJl7JkgAoNBb2XEeogCg==
age
27
elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
js.stripe.com/v3/ Frame 9949 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be8909bfb36e8ce0a27680906a7b19c810193e7fe275f04ef1610069f993eeb9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
js.stripe.com
:scheme
https
:path
/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.wickerforsenate.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://secure.wickerforsenate.com/

Response headers

content-type
text/html; charset=utf-8
x-amz-id-2
EfOL614PjO8QsMxcIZ/jR0Dj7yd/DdLVwYgVENeIWF7JL2ctzp5gcEQv7mN7Al3YYjz+5nisbVU=
x-amz-request-id
CZYCZR94QJRPPZ1D
last-modified
Tue, 08 Jun 2021 19:28:47 GMT
server
AmazonS3
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
access-control-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Tue, 08 Jun 2021 20:15:19 GMT
cache-control
public, max-age=300
etag
W/"1bb619069ee7da94487e6362e8d712a6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P2
x-amz-cf-id
-Wjj6uQKU7o_mb1YHCSwoyOb3ZyKqF0lFOKjs0iCbiXkHFuryntASQ==
age
25
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
2210
date
Tue, 08 Jun 2021 19:38:53 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Tue, 08 Jun 2021 21:38:53 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
8cad013d9042fff980bceebcf6bc4875f185a74e90acf06d4ab576ef88acc9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13938
x-xss-protection
0
server
cafe
etag
13764500066822648461
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 08 Jun 2021 20:15:43 GMT
activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_...
6739201.fls.doubleclick.net/ Frame 492A
Redirect Chain
  • https://6739201.fls.doubleclick.net/activityi;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonat...
  • https://6739201.fls.doubleclick.net/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2F...
506 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6739201.fls.doubleclick.net/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T232Q5
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
23eb1988ef75781e2b6807d88e190656d4eaf6635db9960123413627ea395cb2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6739201.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://secure.wickerforsenate.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:43 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
401
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 08-Jun-2021 20:30:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:43 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://6739201.fls.doubleclick.net/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
via
1.1 varnish
last-modified
Fri, 04 Dec 2020 00:21:46 GMT
age
32181
etag
"cbc512946c8abb461c6215ed5b454e5f+gzip"
vary
Accept-Encoding,Host
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding
gzip
cache-control
no-cache
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
1957
x-timer
S1623183344.797243,VS0,VE0
x-served-by
cache-hhn11580-HHN

Redirect headers

x-tw-cdn
VZ
Date
Tue, 08 Jun 2021 20:15:43 GMT
Server
ECS (frb/67E0)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Content-Length
0
fbevents.js
connect.facebook.net/en_US/ 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24515
x-fb-rlafr
0
pragma
public
x-fb-debug
YzkDzQoLTDbqNrvHpyUenyU2zhIbVvEqiMMU7C8E81JO3/MNrXZj7ZvAZmzuBQaqzmAFsbsp2uVqNAfMHGkpxg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 08 Jun 2021 20:15:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
m-outer-b8cbec1166aab48d1e5a12e8ab272ac1.js
js.stripe.com/v3/fingerprinted/js/ Frame F1F9 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/m-outer-b8cbec1166aab48d1e5a12e8ab272ac1.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/m-outer-ff599b5032b79ea1f89ba5416bea26e6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:12:27 GMT
content-encoding
gzip
vary
Accept-Encoding
age
197
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
MY36YENN7DW6NHAA
x-amz-id-2
fyvjxqHAOsfhEtVyYFEDqk09UrDlw86ASDuvSHB9by8LRAO5wCagLE4nJLCwWpy5X5Rt/4bSH2A=
last-modified
Tue, 01 Jun 2021 22:25:35 GMT
server
AmazonS3
etag
W/"78581b5abad6c4e7b59c0f8ee45a8134"
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
qm2TLECtk82awsB7l-CWVeLINoV4O74sXWCQ6BL5MmyoFSiKVDYTZA==
shared-97cb34e59e0a5a10990459fb52a9f215.js
js.stripe.com/v3/fingerprinted/js/ Frame C6CC 		165 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-97cb34e59e0a5a10990459fb52a9f215.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df67a04a4c444b1e0a5a7ff6895f5d7abc318fdae2cc58fc393af4d4703a3f02
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"657238d6e0596977b7ae3164cb538730"
age
25
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
FF1C9SPS320W22PW
x-amz-id-2
IqOk+NU/oxo70FPMaXFOMROAHsqsXkrbp/l5wk+Pt/qhQ0uSy85i0X0gofFSG3JqgWDiDuz06bc=
last-modified
Tue, 08 Jun 2021 19:28:48 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:15:20 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
2BM6DAeHOPT4lW8ACz6R5OBQNCc_Y_wtO0n2heYoPuUz17yybFOouA==
controller-81a6cecc622ab54d5d812ceb97262ff3.js
js.stripe.com/v3/fingerprinted/js/ Frame C6CC 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/controller-81a6cecc622ab54d5d812ceb97262ff3.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5eed2e314fe0fd200e70595e83541547be6819bf945fdaf897d4c64af815ea41
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"d7500d0ce7c9b2875500c5df036671c8"
age
25
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
FF1B0313FTR0HCCJ
x-amz-id-2
UWKiSvwltRMYRL3i0QSOJk7Rd5mN1PzCUb5svnwoous0AMsyMjjJFIEIKwHUTXptj0Ikw0M0n6U=
last-modified
Tue, 08 Jun 2021 19:28:48 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:15:18 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
IUs2mhL8YUWK1qmDi3WFyuRpl9Gdy2orMvtTP8sPCjarW2QipWKTQQ==
result
secure.wickerforsenate.com/cdn-cgi/bm/cv/ 		0
586 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.wickerforsenate.com/cdn-cgi/bm/cv/result?req_id=65c4cb34284dd6fd
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/cdn-cgi/bm/cv/669835187/api.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://secure.wickerforsenate.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
__cf_bm=e7bb61d3cde7d4a00ebd34fba6174d0abb08d34a-1623183342-1800-ARreecyPdJPEzQsulJcPcf7opSe2hGEEpQXW9CBIrvAwgbw/NIxyKX6gpJyVrBOrmcxTDC8Gu2dMFugLzMFvehjNZpVkVuypMzrmbgTrg+q5; _revv_v3_session=elM4K3h0RGloeEtPd0NnZ0tmSWZSeFZ6UC9kdWVUbTN1d3hqS3pXRGw2RUhKVklnZ2pIWVlXTk80NktZSTl2cFJDV1c3MERVVlRrWW8zd0o2N1k1UEl5SlRaZ2FyS3B4V0llc1l6MnAzMDFRK3U3Z3VkUVVzV3RxM2JDZXlqQ282OE9VRi9QOU8rVzQ1RTNXNU5jbTdYSEtUaGxpWlYwRnJJWnFPcHJzZ2tWZFFKVGQ1TlZSdktqYUVFSDVFSkdOaCtjTXVkZjdsR3MreUpCclJ2WWJTcWh5aFNraWFFQ0Y3LzA4VzNuVlBDanAwcWpIRnZiNTdTcDdlREk4Mk0wdm9lNlhDUCs3dnEwazhhb1UrYXRDNE4xaC9yWExaZkJhUmFvMGNtOEUxRTRuVTlKZXE5ZU9yMnQraWlxQ3JJWEQvWmVwUkk0V2RSM0tTTk9ad0FrT2JpZmo0M0xzUXRwd2tqeW04cUFkRitLSUVOd3dsUkVOWCszVkVTdEVmSFNJLS16RGFuWjMycDZ0WEQ0a0VKNUlaV1h3PT0%3D--3651959cbe9a1d2e66c37bfa7894e565be59084c; _gcl_au=1.1.1678463822.1623183344
content-length
424
:path
/cdn-cgi/bm/cv/result?req_id=65c4cb34284dd6fd
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
secure.wickerforsenate.com
referer
https://secure.wickerforsenate.com/donate_home
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://secure.wickerforsenate.com/donate_home
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 08 Jun 2021 20:15:43 GMT
x-content-type-options
nosniff
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
set-cookie
__cf_bm=c9cbded00283408db653fa94cc45e46a754ff747-1623183343-1800-ASmHn/Tx28J2qcgmXJADIOs2pjxdePB7tqn93jWb28ej3AwgP7bUTfzPeVdK8EfWJNy0JGRqQ60bMGvCTuom24NFn2qvt9BEf/5u28zMTYChWDYh6lnOt+PXbScL/1c0aLp36RDXlwn7VRT2X1sYguq90DRoF3pjfq0nz70PoROAxRYUmWhgLbOvQ383dwVa9tuZMFsiwJsFmVKRwhxzwLA=; path=/; expires=Tue, 08-Jun-21 20:45:43 GMT; domain=.secure.wickerforsenate.com; HttpOnly; Secure; SameSite=None
strict-transport-security
max-age=0; includeSubDomains
cf-ray
65c4cb3a7c3fd6fd-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id
0a8edd588f0000d6fdfda6c000000001
ui-shared-c9d860636bd7c359867b907aef67ae74.css
js.stripe.com/v3/fingerprinted/css/ Frame 9949 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/css/ui-shared-c9d860636bd7c359867b907aef67ae74.css
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed393d5ea35f799c7d5ab30dfe85a3c82e77e5e1018d17d0c87677d2e2232111
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"368af67cab5dd388f85504800c0ec97c"
age
46
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
5P60784E0CFR75EJ
x-amz-id-2
9OZCy5O5F4bnPCll60UVECMTdm0oxtzJkIUb3aW9RksqudOiYsVA65AKeE3cF7fLAsitoJQQpS0=
last-modified
Wed, 21 Apr 2021 20:32:27 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:15:07 GMT
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
AWvOcNXjj-RK2sQcZk7DMp4NFt-8iWVm-nklnEnwTbPfalAwRrjYXA==
shared-97cb34e59e0a5a10990459fb52a9f215.js
js.stripe.com/v3/fingerprinted/js/ Frame 9949 		165 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/shared-97cb34e59e0a5a10990459fb52a9f215.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
df67a04a4c444b1e0a5a7ff6895f5d7abc318fdae2cc58fc393af4d4703a3f02
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"657238d6e0596977b7ae3164cb538730"
age
25
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
FF1C9SPS320W22PW
x-amz-id-2
IqOk+NU/oxo70FPMaXFOMROAHsqsXkrbp/l5wk+Pt/qhQ0uSy85i0X0gofFSG3JqgWDiDuz06bc=
last-modified
Tue, 08 Jun 2021 19:28:48 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:15:19 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
dNuJY15rqi-Z-XF1A3UOpmGfO4UH6UsN0vIdkb26DphRGHTo2y8-TQ==
ui-shared-b7c18f99284b02a4f148301c3a67beff.js
js.stripe.com/v3/fingerprinted/js/ Frame 9949 		224 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/ui-shared-b7c18f99284b02a4f148301c3a67beff.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93248db99c3ed62b95964ac7febe166074f9ef6df0a2081cd016acee0a2dffd3
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"80d2b1966bee1a69551f90b80f56485b"
age
256
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
T6J57Z2BAGPYVJPK
x-amz-id-2
p8F6Wfbo8djXIuWzX4SG3d1eFv8NyQxsXoqzUKU6ZImwwcS3LcP2CTaC1Bs8VB4qTJuOioNAwko=
last-modified
Wed, 02 Jun 2021 20:26:07 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:11:30 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
rFLY3PbE_xzfJ1IdOIbVSnqqoAa8T1NLCVRwWlqmHQJoSAhKOJ9rxw==
elements-inner-card-deb488370e62f6ce66a015a40ab297f7.js
js.stripe.com/v3/fingerprinted/js/ Frame 9949 		45 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/elements-inner-card-deb488370e62f6ce66a015a40ab297f7.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
666e445c041e8ee75ac26f7495b49b217d928d9fec2e0fb2a58aaf4844f535c0
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"b20d46846d1112504def2b79cc02b18c"
age
25
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
FF14ZT5DVR26GKK5
x-amz-id-2
3fIEFt1rXv/WjqjPmA1scPt46oeITTP4hn+O2Gam+FBkj9MKCbCNBkBl9+0OlZQ+GHGcu8OrQ18=
last-modified
Tue, 08 Jun 2021 19:28:48 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:15:19 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
uKfiSjUbgp6kfTr7DmOwqzLykUjo2p0vTDTqPKOceS7FjNV3yZCbMw==
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 19:18:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
3433
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
expires
Tue, 08 Jun 2021 20:18:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-111246538-1&cid=2028157541.1623183344&jid=51892621&gjid=1051237847&_gid=430113634.1623183344&_u=YGBAgAALAAAAAE~&z=1475111380
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Jun 2021 20:15:43 GMT
content-type
text/plain
access-control-allow-origin
https://secure.wickerforsenate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1446331758&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&ul=en-us&de=UTF-8&dt=Wicker%20for%20Senate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAL~&jid=51892621&gjid=1051237847&cid=2028157541.1623183344&tid=UA-111246538-1&_gid=430113634.1623183344&gtm=2wg621T232Q5&z=1847239630
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 19:13:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
3733
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
1635689170016443
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1635689170016443?v=2.9.41&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
787a9d95ec29794c63f0fdf0780bea830f29d108ac2d374c08ddcf4bdd99cead
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
dvR+x64qR/wZrs5eifB6/COvyYO14o9CvxVLk279LWHjlplBW0YGdeC/r2jsSXDNN+SmFPOFbrnCg+Fnw4tf5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 08 Jun 2021 20:15:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
inner.html
m.stripe.network/ Frame C66B 		932 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/inner.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b8cbec1166aab48d1e5a12e8ab272ac1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:e000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

:method
GET
:authority
m.stripe.network
:scheme
https
:path
/inner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.stripe.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://js.stripe.com/

Response headers

content-type
text/html; charset=utf-8
server
nginx
last-modified
Thu, 20 May 2021 17:57:41 GMT
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding
gzip
date
Tue, 08 Jun 2021 20:12:42 GMT
cache-control
public, max-age=300
etag
W/"60a6a315-3a4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9c8fea304cc4dc64f018a09a43cea24b.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P1
x-amz-cf-id
uqdGFNO2YCs3MV5aC3a3sEPBhS5uE-QpwBsH-Qdf5bsK282AaETJtw==
age
181
ga-audiences
www.google.com/ads/ 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-111246538-1&cid=2028157541.1623183344&jid=51892621&_u=YGBAgAALAAAAAE~&z=1457428607
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-111246538-1&cid=2028157541.1623183344&jid=51892621&_u=YGBAgAALAAAAAE~&z=1457428607
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
q.stripe.com/ Frame C6CC 		43 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.controller.load&event_count=1&timestamp=1623183343958&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
countryRanges-e0a096641b94a5ef23aa7191acc0b7a2.json
js.stripe.com/v3/fingerprinted/data/ Frame 9949 		142 KB
36 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/data/countryRanges-e0a096641b94a5ef23aa7191acc0b7a2.json
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-97cb34e59e0a5a10990459fb52a9f215.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb62b762a4f0f894be16a1258a1e92d6fe4bea4cb99c8ab8ed64b58b3fad009c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Accept
application/json
Referer
https://js.stripe.com/v3/elements-inner-card-1bb619069ee7da94487e6362e8d712a6.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"e0a096641b94a5ef23aa7191acc0b7a2"
age
94
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-request-id
CH3K5KNDE046K4WC
x-amz-id-2
QyM605VDJrsz0xo8+7JwriZTE2icjmq9nrN2PSUqdNXYB9xglGKxBcRrW0J0VjdKNdMDSp3/auc=
last-modified
Tue, 27 Oct 2020 20:41:47 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:14:12 GMT
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
timing-allow-origin
*
x-amz-cf-id
uf_J2Vf8ca7cNg-wnmze-4F0MJe1vOOE9aemmXu6p9a-AbZ2eixCYg==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/929531053/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/929531053/?random=1623183344184&cv=9&fst=1623183344184&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&tiba=Wicker%20for%20Senate&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
240bff27102b90ed01dbd425834f819abaaa370667e978efcd37692c7cedbe0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1012
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-73658561-7&cid=2028157541.1623183344&jid=1166571577&gjid=452260815&_gid=430113634.1623183344&_u=aGDAgEALAAAAAE~&z=1523109387
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 08 Jun 2021 20:15:44 GMT
content-type
text/plain
access-control-allow-origin
https://secure.wickerforsenate.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=1446331758&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&ul=en-us&de=UTF-8&dt=Wicker%20for%20Senate&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALAAAAAE~&jid=1166571577&gjid=452260815&cid=2028157541.1623183344&tid=UA-73658561-7&_gid=430113634.1623183344&gtm=2wg621NTQZ9N&z=1187036469
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 18:12:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
7386
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nuc0a&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 08 Jun 2021 20:15:44 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
8e78c3cdb46c77a547ce4a252cb99e8edfe168995296e8b6a60377ee89b798e7
x-transaction
9fe3a34769f654de
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
t.co/i/ 		43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nuy0h&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 08 Jun 2021 20:15:44 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
8e78c3cdb46c77a547ce4a252cb99e8edfe168995296e8b6a60377ee89b798e7
x-transaction
7830fce05498b354
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.fetch_locale&event_count=2&timestamp=1623183344310&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.elements&event_count=3&timestamp=1623183344311&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&options-locale=en&options-betas=
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.fetch_locale&event_count=4&timestamp=1623183344311&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
adservice.google.com/ddm/fls/i/ Frame 9841 		505 B
890 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: 6739201.fls.doubleclick.net
URL: https://6739201.fls.doubleclick.net/activityi;dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
114a26be576e5357695d01f5bee1ee095d3ee3f1917016cd53707ef2efb86b55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6739201.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://6739201.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:44 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
401
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-73658561-7&cid=2028157541.1623183344&jid=1166571577&_u=aGDAgEALAAAAAE~&z=8431233
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-73658561-7&cid=2028157541.1623183344&jid=1166571577&_u=aGDAgEALAAAAAE~&z=8431233
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1635689170016443&ev=PageView&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&rl=&if=false&ts=1623183344395&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623183344393.614807161&it=1623183343842&coo=false&rqm=GET
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Tue, 08 Jun 2021 20:15:44 GMT
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.create&event_count=5&timestamp=1623183344399&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&options-style-base-type=blocks&options-style-base-blocks=%5Bobject+Object%5D+%5Bobject+Object%5D&options-style-invalid-type=blocks&options-style-invalid-blocks=%5Bobject+Object%5D+%5Bobject+Object%5D&options-locale=en&options-betas=&options-componentName=card&options-wait=false&options-rtl=false&element=card
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.event.load&event_count=6&timestamp=1623183344400&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&element=card
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=7&timestamp=1623183344410&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&dom_loading=59&dom_interactive=641&dom_complete=755&since_sjs_load=963&since_stripe_create=579&since_group_create=579&since_create=579&mount_duration=565&since_fetch=566&load_count=1&match_frame=true&resource_timings-ui-shared.css-transfer_size=3747&resource_timings-ui-shared.css-duration=51&resource_timings-shared.js-transfer_size=47382&resource_timings-shared.js-duration=59&resource_timings-ui-shared.js-transfer_size=69861&resource_timings-ui-shared.js-duration=65&resource_timings-elements-inner-card.js-transfer_size=12551&resource_timings-elements-inner-card.js-duration=87&element=card
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
out-4.5.35.js
m.stripe.network/ Frame C66B 		85 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.stripe.network/out-4.5.35.js
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/inner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:218c:e000:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://m.stripe.network/inner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
etag
W/"60a6a315-153a9"
age
204
x-cache
Hit from cloudfront
last-modified
Thu, 20 May 2021 17:57:41 GMT
server
nginx
date
Tue, 08 Jun 2021 20:12:20 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
via
1.1 9c8fea304cc4dc64f018a09a43cea24b.cloudfront.net (CloudFront)
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P1
timing-allow-origin
*
x-amz-cf-id
Lfu4ATe27lxT3U_Vu2fMruZ-hkFceNPIKijt-Of6NTgmWGtfylYv9w==
/
www.google.com/pagead/1p-user-list/929531053/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/929531053/?random=1623183344184&cv=9&fst=1623182400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&frm=0&url=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&tiba=Wicker%20for%20Senate&async=1&fmt=3&is_vtc=1&random=536790371&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/929531053/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/929531053/?random=1623183344184&cv=9&fst=1623182400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg621&sendb=1&frm=0&url=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&tiba=Wicker%20for%20Senate&async=1&fmt=3&is_vtc=1&random=536790371&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.event.ready&event_count=8&timestamp=1623183344446&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&element=card
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-ad953f1e8fd38b919d7193db32b4dfb3.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
6739201.fls.doubleclick.net/ddm/fls/r/ Frame 35EB
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.w...
  • https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2F...
953 B
874 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f6.1e100.net
Software
cafe /
Resource Hash
f2343b7a8aaba70601eb848590058de4b6f98076c6b39fe3ad7d8e4f169f62fb
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
6739201.fls.doubleclick.net
:scheme
https
:path
/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:44 GMT
expires
Tue, 08 Jun 2021 20:15:44 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
535
x-xss-protection
0
set-cookie
IDE=AHWqTUkcBhr8kceKbrqP9aHXS1aBVpaIBcRhI-0OQh0o1emsB6oSPq-xKZFzENhGIpk; expires=Sun, 03-Jul-2022 20:15:44 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:44 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
location
https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=9&timestamp=1623183344874&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&element=ControllerApp&dom_loading=63&dom_interactive=447&dom_complete=1355&since_sjs_load=813&since_stripe_create=441&since_create=441&mount_duration=437&since_fetch=431&load_count=1&match_frame=true&resource_timings-shared.js-transfer_size=47382&resource_timings-shared.js-duration=54&resource_timings-controller.js-transfer_size=23011&resource_timings-controller.js-duration=39
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:44 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1635689170016443&ev=Microdata&dl=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home&rl=&if=false&ts=1623183345048&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Wicker%20for%20Senate%22%2C%22meta%3Adescription%22%3A%22Home%20Page%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Wicker%20for%20Senate%22%2C%22og%3Adescription%22%3A%22Home%20Page%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home%22%2C%22og%3Asite_name%22%3A%22Wicker%20for%20Senate%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22website%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%2C%22twitter%3Aurl%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home%22%2C%22twitter%3Atitle%22%3A%22Wicker%20for%20Senate%22%2C%22twitter%3Adescription%22%3A%22Home%20Page%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fassets%2Frevv-social-image-2714b01e512cb005e00d896bee24df9e812b4c25906522cacffd69f97f722f9a.png%22%2C%22twitter%3Aimage%22%3A%22https%3A%2F%2Fsecure.wickerforsenate.com%2Fassets%2Frevv-social-image-2714b01e512cb005e00d896bee24df9e812b4c25906522cacffd69f97f722f9a.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.41&r=stable&ec=1&o=30&fbp=fb.1.1623183344393.614807161&it=1623183343842&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: secure.wickerforsenate.com
URL: https://secure.wickerforsenate.com/donate_home
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Tue, 08 Jun 2021 20:15:45 GMT
conversion.js
www.googleadservices.com/pagead/ Frame 35EB 		43 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 6739201.fls.doubleclick.net
URL: https://6739201.fls.doubleclick.net/ddm/fls/r/dc_pre=CNbg75TtiPECFYQDBgAdGE0JpA;src=6739201;type=invmedia;cat=xulrnxiw;ord=5284206352167;gtm=2wg621;auiddc=1678463822.1623183344;~oref=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
437ab1122de69cfb9f59c9ff5c4b7276183a6b3e6431b35ed8d65f1fb50a23cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6739201.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16585
x-xss-protection
0
server
cafe
etag
3173349984735253481
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 08 Jun 2021 20:15:45 GMT
/
www.googleadservices.com/pagead/conversion/856609794/ Frame 35EB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/856609794/?random=1623183345248&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=1&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
cd907f8c63081ae157efcbf1ae8e291303f84cd4231ba9a61836248240d4f714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6739201.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1257
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/856609794/ Frame A0CC
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid...
  • https://www.google.com/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&...
  • https://www.google.de/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u...
63 B
100 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.de/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8c-_YLeiEcze7gOS-4jYDA&cid=CAQSKQCNIrLMzb8YoKn8NRbgw2NEFJoMuuR-zNurHOf7kF2ZgrJzr938nsPH&random=3880073094&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion/856609794/?random=1623183345248&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=1&fmt=4
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.google.de
:scheme
https
:path
/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8c-_YLeiEcze7gOS-4jYDA&cid=CAQSKQCNIrLMzb8YoKn8NRbgw2NEFJoMuuR-zNurHOf7kF2ZgrJzr938nsPH&random=3880073094&resp=GooglemKTybQhCsO&ipr=y
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://6739201.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
76
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Tue, 08 Jun 2021 20:15:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, no-store, must-revalidate
location
https://www.google.de/pagead/1p-conversion/856609794/?random=503848805&cv=9&fst=1623183345248&num=1&label=BtOkCNPR-HMQgqi7mAM&bg=ffffff&hl=en&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6739201.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCNbg75TtiPECFYQDBgAdGE0JpA%3Bsrc%3D6739201%3Btype%3Dinvmedia%3Bcat%3Dxulrnxiw%3Bord%3D5284206352167%3Bgtm%3D2wg621%3Bauiddc%3D1678463822.1623183344%3B~oref%3Dhttps%253A%252F%252Fsecure.wickerforsenate.com%252Fdonate_home&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=8c-_YLeiEcze7gOS-4jYDA&cid=CAQSKQCNIrLMzb8YoKn8NRbgw2NEFJoMuuR-zNurHOf7kF2ZgrJzr938nsPH&random=3880073094&resp=GooglemKTybQhCsO&ipr=y
content-security-policy
script-src 'none'; object-src 'none'
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
76
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adsct
analytics.twitter.com/i/ 		31 B
658 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nuc0a&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 08 Jun 2021 20:15:45 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3fc32cefaf39b8e193de94d0e234b7fc7a6440b61cec107469ecd97199c54815
x-transaction
182328507687f377
expires
Tue, 31 Mar 1981 05:00:00 GMT
adsct
analytics.twitter.com/i/ 		31 B
232 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nuy0h&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.wickerforsenate.com%2Fdonate_home
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/oct.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 08 Jun 2021 20:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
pragma
no-cache
last-modified
Tue, 08 Jun 2021 20:15:45 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
3fc32cefaf39b8e193de94d0e234b7fc7a6440b61cec107469ecd97199c54815
x-transaction
c158991ea0c1040e
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.timings&event_count=10&timestamp=1623183345532&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&element=outer&dom_loading=235&dom_interactive=731&dom_complete=2798&since_fetch=409&load_count=1&load_before_dom_content_loaded=true&load_ready_state=loading&first_create_ready_state=interactive&first_mount_readyState=interactive&until_first_create=371&until_first_mount=375&until_first_load=1087&resource_timings-stripe.js-transfer_size=62514&resource_timings-stripe.js-duration=132&resource_timings-m-outer.html-transfer_size=953&resource_timings-m-outer.html-duration=53&resource_timings-controller.html-transfer_size=1086&resource_timings-controller.html-duration=40&resource_timings-elements-inner-card.html-transfer_size=2152&resource_timings-elements-inner-card.html-duration=40
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:45 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0
6
m.stripe.com/ Frame C66B 		156 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://m.stripe.com/6
Requested by
Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.210.60.230 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-210-60-230.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
0c5e2323bf6e2a76570cea06cf59f825bf59fc1ad11f7739ae0a213db1436ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://m.stripe.network/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 08 Jun 2021 20:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
text/plain;charset=utf-8
access-control-allow-origin
https://m.stripe.network
access-control-allow-credentials
true
strict-transport-security
max-age=31556926; includeSubDomains; preload
access-control-allow-headers
Content-Type
trusted-types-checker-9b6e874f149cc545c2c2335f8707fd1f.js
js.stripe.com/v3/fingerprinted/js/ 		172 B
967 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-9b6e874f149cc545c2c2335f8707fd1f.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.174.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-174-50.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
544bc1adef126901075f00fb30f014fcbcb3b7284269c42d3c0bd0ad8c7b1087
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://secure.wickerforsenate.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
via
1.1 d5ee2aa873a3cb23609433e0272dd41c.cloudfront.net (CloudFront)
etag
"061c04e6217c3eb8dc56a4f26937a7b7"
age
260
x-cache
Hit from cloudfront
x-amz-request-id
1HWXTK0P0HFPAM2C
x-amz-id-2
topwH+DzEb36twHOg1Gf+2KnGkvPtgHb0T069Syzrg91v0j8m58MLcFJVFlXetybXc5Y+JqpJyI=
accept-ranges
bytes
last-modified
Tue, 01 Jun 2021 22:25:35 GMT
server
AmazonS3
date
Tue, 08 Jun 2021 20:11:37 GMT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=300
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop
CDG50-P2
content-length
172
timing-allow-origin
*
x-amz-cf-id
5ElT9zlY3_EAylBHvigjZIjnpD3erMiwBq4VZyEkhDMixQ0BVuKoVA==
/
q.stripe.com/ Frame C6CC 		43 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://q.stripe.com/?event=elements.trusted_types_check&event_count=11&timestamp=1623183350583&version=44f77eeea&key=pk_live_JzNU2ovfdQBD0CxSZHjPm5Lv&referrer=https%3A%2F%2Fsecure.wickerforsenate.com&stripe_js_id=ba77ee70-4afe-4254-b3f3-80df2b9a6e0c&controller_load_time=1623183343950&wrapper=unknown&es_module=false&flag_cl=false&flag_clc=false&flag_gp=true&flag_gpe=true&frame_width=1600&result=ALLOWED
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-54-187-159-182.stripe.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://js.stripe.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 08 Jun 2021 20:15:50 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
strict-transport-security
max-age=31556926; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, private, must-revalidate, max-age=0, max-stale=0, post-check=0, pre-check=0
content-length
43
expires
0

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer boolean| isWinRed string| app_platform object| __webpackStripeJSv3Jsonp function| Stripe function| BestInPlaceEditor function| $ function| jQuery object| jQuery11240959969409906253 function| Tether function| NestedFormEvents object| nestedFormEvents function| JQClass object| bioEp function| Cookies object| App object| picturefillCFG function| picturefill function| UAParser function| gm_authFailure function| tmpl object| ActionCable object| antiClickjack object| __CF$cv$params function| landingPageFormSubmitRecaptchaSuccess function| landingPageFormSubmitRecaptchaError object| a0_0x433e function| a0_0x3d7e object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| postscribe object| google_tag_manager_external object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| twttr

3 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUkcBhr8kceKbrqP9aHXS1aBVpaIBcRhI-0OQh0o1emsB6oSPq-xKZFzENhGIpk
.wickerforsenate.com/ Name: _fbp
Value: fb.1.1623183344393.614807161
.wickerforsenate.com/ Name: _dc_gtm_UA-73658561-7
Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6739201.fls.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
platform.twitter.com
q.stripe.com
secure.wickerforsenate.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.133
104.244.42.195
142.250.185.98
142.250.186.38
199.232.136.157
2600:9000:218c:e000:19:7d10:bd80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:543
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2008
2a00:1450:400c:c07::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.210.60.230
52.222.174.50
54.187.159.182
65.9.66.103
01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0c5e2323bf6e2a76570cea06cf59f825bf59fc1ad11f7739ae0a213db1436ea7
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
114a26be576e5357695d01f5bee1ee095d3ee3f1917016cd53707ef2efb86b55
1bc73dc88529fe1803a390b4d66a92a61c43de7da69d362ae1a8b550a4a1e0f5
1f013db889bc2c603380d1e42d5ad5ace641f07debb0184cfb04f167bc8f667b
23eb1988ef75781e2b6807d88e190656d4eaf6635db9960123413627ea395cb2
240bff27102b90ed01dbd425834f819abaaa370667e978efcd37692c7cedbe0c
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
437ab1122de69cfb9f59c9ff5c4b7276183a6b3e6431b35ed8d65f1fb50a23cf
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
544bc1adef126901075f00fb30f014fcbcb3b7284269c42d3c0bd0ad8c7b1087
544e7b0ddaba3404a327d068cfca2f3000e385102c042323909c636cf6bdca0e
55d72c33b656c305ead833e69ca22803255d396fd4bd8f54a43a51862271e468
58786da73a5c0008ca3fa1172dea6cd974b2ef74d73a9563279e5b4dac2a0794
5eed2e314fe0fd200e70595e83541547be6819bf945fdaf897d4c64af815ea41
666e445c041e8ee75ac26f7495b49b217d928d9fec2e0fb2a58aaf4844f535c0
68d4fdfcdfbef44eba4edec2e37b8d7382e07903473a5f6f61f4653b291e4204
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
787a9d95ec29794c63f0fdf0780bea830f29d108ac2d374c08ddcf4bdd99cead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57
8cad013d9042fff980bceebcf6bc4875f185a74e90acf06d4ab576ef88acc9d0
928313ff7017ce5ab462309732925267e12e333daf2bc9cb0039fd0129e2e3bd
93248db99c3ed62b95964ac7febe166074f9ef6df0a2081cd016acee0a2dffd3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b60533417c54fcd645338f7812922c65a5194e2702b1bd7a9898769a7350b5f2
be8909bfb36e8ce0a27680906a7b19c810193e7fe275f04ef1610069f993eeb9
cb62b762a4f0f894be16a1258a1e92d6fe4bea4cb99c8ab8ed64b58b3fad009c
cd907f8c63081ae157efcbf1ae8e291303f84cd4231ba9a61836248240d4f714
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5b9a33cee7a8e74bb619189b2ef549048349899db87c464823bff20b6d4e5f
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df67a04a4c444b1e0a5a7ff6895f5d7abc318fdae2cc58fc393af4d4703a3f02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed393d5ea35f799c7d5ab30dfe85a3c82e77e5e1018d17d0c87677d2e2232111
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2343b7a8aaba70601eb848590058de4b6f98076c6b39fe3ad7d8e4f169f62fb
f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916