urlscan.io logo urlscan.io
SecurityTrails logo

secure.campaigner.com Open in urlscan Pro
216.24.224.42  Public Scan

Go To Rescan Add Verdict Report
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Submission: On February 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 216.24.224.42, located in Ottawa, Canada and belongs to ETOLL1, CA. The main domain is secure.campaigner.com.
This is the only time secure.campaigner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 216.24.224.42 17358 (ETOLL1)
4 198.71.233.109 26496 (AS-26496-...)
11 11 70.37.54.108 8075 (MICROSOFT...)
10 13.35.253.104 16509 (AMAZON-02)
1 143.204.214.66 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 8.224.216.245 3356 (LEVEL3)
1 216.24.224.100 17358 (ETOLL1)
21 7
3    216.24.224.42 (Ottawa, Canada)

ASN17358 (ETOLL1, CA)
PTR: secure.campaigner.com
secure.campaigner.com
4    198.71.233.109 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-109.ip.secureserver.net
partiallypolitics.com
11    70.37.54.108 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
stripe.rs-2099-a.com
10    13.35.253.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-104.fra6.r.cloudfront.net
images-prod.powerinboxedge.com
1    143.204.214.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-66.fra53.r.cloudfront.net
branding.revenuestripe.com
1    2606:4700:3032::681c:670 (United States)

ASN13335 (CLOUDFLARENET, US)
usmagazine-trending-news.com
1    8.224.216.245 (United States)

ASN3356 (LEVEL3, US)
g.dmsgs.com
1    216.24.224.100 (Ottawa, Canada)

ASN17358 (ETOLL1, CA)
PTR: trk.cpro20.com
trk.cp20.com
Domain Requested by
11 stripe.rs-2099-a.com 11 redirects
10 images-prod.powerinboxedge.com secure.campaigner.com
4 partiallypolitics.com secure.campaigner.com
3 secure.campaigner.com secure.campaigner.com
1 trk.cp20.com secure.campaigner.com
1 g.dmsgs.com secure.campaigner.com
1 usmagazine-trending-news.com secure.campaigner.com
1 branding.revenuestripe.com secure.campaigner.com
21 8

This site contains links to these domains. Also see Links.

Domain
trk.cp20.com
Subject Issuer Validity Valid
sni171042.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-27 -
2020-07-04		 6 months crt.sh

This page contains 1 frames:

Primary Page: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Frame ID: F32C77929C95E4010CD54F125238FEB9
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

21
Requests

5 %
HTTPS

13 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

872 kB
Transfer

935 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16127&cs_sendid=41157125&cs_offset=0&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/2816/468434
Request Chain 5
  • http://stripe.rs-2099-a.com/branding/recommend/short.png HTTP 301
  • http://branding.revenuestripe.com/recommend/short.png
Request Chain 9
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=0&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/593154
Request Chain 10
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=1&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/593178
Request Chain 11
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=2&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/579376
Request Chain 12
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=3&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/593165
Request Chain 13
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=4&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/524391
Request Chain 14
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=5&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/589729
Request Chain 15
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=6&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/591474
Request Chain 16
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=7&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/3904/595848
Request Chain 18
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=117104&cs_sendid=41157125&cs_offset=0&cs_esp=dms HTTP 303
  • http://images-prod.powerinboxedge.com/v3/images/2816/590507

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set g8ff-1qhriz--oi51h-d3phdr59
secure.campaigner.com/csb/Public/show/ 		57 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
216.24.224.42 Ottawa, Canada, ASN17358 (ETOLL1, CA),
Reverse DNS
secure.campaigner.com
Software
/
Resource Hash
6c46fe96a0b0eeb980b5602e07745b677e63061e0c96f0f4dc2a9b8a20dd7649
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
X-Content-Security-Policy frame-ancestors *
X-Frame-Options SAMEORIGIN

Request headers

Host
secure.campaigner.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Set-Cookie
.ASPXANONYMOUS=TlD50V0R1gEkAAAAYmNlNDc5OGMtY2EwMy00NjljLTk5MDAtZDhlNzJlMzJhNDgwJ_fWFJOG_IhWCnmmOrBAVaWVIjk1; expires=Mon, 13-Apr-2020 06:36:10 GMT; path=/; HttpOnly ASP.NET_SessionId=cdjpozsqci0eppaw4gvm3thl; path=/; secure; HttpOnly
X-AspNet-Version
X-Frame-Options
SAMEORIGIN
Content-Security-Policy
frame-ancestors *
X-Content-Security-Policy
frame-ancestors *
Access-Control-Allow-Origin
*
Date
Mon, 03 Feb 2020 19:56:10 GMT
Content-Length
8391
ComboBox.campFormCombo.css
secure.campaigner.com/csb/App_Themes/Lightning/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://secure.campaigner.com/csb/App_Themes/Lightning/ComboBox.campFormCombo.css
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
216.24.224.42 Ottawa, Canada, ASN17358 (ETOLL1, CA),
Reverse DNS
secure.campaigner.com
Software
/
Resource Hash
3e8f432938bb68e2d2ee6cfb81dae2885267c58b1abc04f663266eb0ee028d5b
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
X-Content-Security-Policy frame-ancestors *
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 16:16:48 GMT
Server
X-ASPNET-VERSION
X-Frame-Options
SAMEORIGIN
ETag
"098d92c2dd5d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Date
Mon, 03 Feb 2020 19:56:11 GMT
Accept-Ranges
bytes
Content-Length
928
X-Content-Security-Policy
frame-ancestors *
fonticons.css
secure.campaigner.com/csb/App_Themes/Lightning/Common/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://secure.campaigner.com/csb/App_Themes/Lightning/Common/fonticons.css
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
216.24.224.42 Ottawa, Canada, ASN17358 (ETOLL1, CA),
Reverse DNS
secure.campaigner.com
Software
/
Resource Hash
7298ac333bec1e6e6cdbccfb3688f900510770ec58fa83db582430c624e3b609
Security Headers
Name Value
Content-Security-Policy frame-ancestors *
X-Content-Security-Policy frame-ancestors *
X-Frame-Options SAMEORIGIN

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Security-Policy
frame-ancestors *
Content-Encoding
gzip
Last-Modified
Mon, 27 Jan 2020 16:16:48 GMT
Server
X-ASPNET-VERSION
X-Frame-Options
SAMEORIGIN
ETag
"098d92c2dd5d51:0"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=3600
Date
Mon, 03 Feb 2020 19:56:11 GMT
Accept-Ranges
bytes
Content-Length
4196
X-Content-Security-Policy
frame-ancestors *
spacer.gif
partiallypolitics.com/wp-content/uploads/2018/08/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://partiallypolitics.com/wp-content/uploads/2018/08/spacer.gif
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-109.ip.secureserver.net
Software
/
Resource Hash
843630b029a0f48dbad89b365e9b1b90fe8c19b3586d2f43090b95814d91751b
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=300
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Aug 2018 19:21:55 GMT
X-Backend
all_requests
Age
492498
ETag
"447-573058a3f7ac0"
X-Cacheable
YES
X-Cache
cached
Content-Type
image/gif
X-Cache-Hit
HIT
Date
Mon, 03 Feb 2020 19:56:15 GMT
Accept-Ranges
bytes
Content-Length
1095
X-XSS-Protection
1; mode=block
emailbannernew-1.jpg
partiallypolitics.com/wp-content/uploads/2018/08/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://partiallypolitics.com/wp-content/uploads/2018/08/emailbannernew-1.jpg
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-109.ip.secureserver.net
Software
/
Resource Hash
2356dce9b1378ae5e81d1f447a653affc7cdff127dd87a3fe64c0b707d5a4779
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=300
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Aug 2018 19:18:51 GMT
X-Backend
all_requests
Age
251244
ETag
"cafa-573057f47dcc0"
X-Cacheable
YES
X-Cache
cached
Content-Type
image/jpeg
X-Cache-Hit
HIT
Date
Mon, 03 Feb 2020 19:56:15 GMT
Accept-Ranges
bytes
Content-Length
51962
X-XSS-Protection
1; mode=block
468434
images-prod.powerinboxedge.com/v3/images/2816/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16127&cs_sendid=41157125&cs_offset=0&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/2816/468434
65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/2816/468434
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18d02b59c3bcde90ba51955da0b6b9b523da3c07090286f84e9b3d4d4f7eaa51

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 08:06:52 GMT
Via
1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Oct 2019 07:02:01 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"861e7a1636c9a08f81fa0cc86ca60f32"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66508
X-Amz-Cf-Id
ULWxT55IJhPk79ZKlDXKb9x9J09za9QXQ4Tt0SOoRrpXHeOO0Ozmmw==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/2816/468434
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
short.png
branding.revenuestripe.com/recommend/
Redirect Chain
  • http://stripe.rs-2099-a.com/branding/recommend/short.png
  • http://branding.revenuestripe.com/recommend/short.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://branding.revenuestripe.com/recommend/short.png
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
143.204.214.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-66.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Wed, 19 Jun 2019 11:03:50 GMT
Via
1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
Last-Modified
Wed, 12 Aug 2015 16:56:24 GMT
Server
AmazonS3
Age
1673387
ETag
"b21b189748ab85533f7859fc43cc8806"
X-Cache
Hit from cloudfront
Content-Type
image/png
X-Amz-Cf-Pop
FRA53-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1389
X-Amz-Cf-Id
giLrVRM8Qmuz8L5HqrBU_lIhyq_6jWCIDY5BxQNMOM1Dn981Sy_Tlw==

Redirect headers

Date
Mon, 03 Feb 2020 19:56:14 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
http://branding.revenuestripe.com/recommend/short.png
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Length
0
Request-Context
appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746
157978069422117.gif
usmagazine-trending-news.com/assets/host_images/ 		410 KB
411 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usmagazine-trending-news.com/assets/host_images/157978069422117.gif
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::681c:670 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c28cdec1834bc859fe1d7ba835b32172282a83283584e2084fe0646bcfa06b3

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 03 Feb 2020 19:56:15 GMT
cf-cache-status
HIT
last-modified
Thu, 23 Jan 2020 11:58:14 GMT
server
cloudflare
age
204332
etag
"5e298a56-66760"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
55f6f7964e22c29a-FRA
content-length
419680
expires
Sun, 01 Mar 2020 19:49:02 GMT
line3.jpg
g.dmsgs.com/bmr/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://g.dmsgs.com/bmr/line3.jpg
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
8.224.216.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.7a PHP/5.3.0 /
Resource Hash
967f2ff087e4c912a6f46dab9bb217019061cb78762042475703ea7e257acc40

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 19:56:28 GMT
Last-Modified
Mon, 14 Aug 2017 20:08:05 GMT
Server
Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.7a PHP/5.3.0
ETag
"13a863a-324c-556bc3885dc2c"
Content-Type
image/jpeg
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
12876
sep1.jpg
partiallypolitics.com/wp-content/uploads/2018/08/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://partiallypolitics.com/wp-content/uploads/2018/08/sep1.jpg
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-109.ip.secureserver.net
Software
/
Resource Hash
95cc4795236fab4fd79c8f2adfe704397fc7d0a01510c99b51702ef3e32ad43f
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=300
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Aug 2018 19:47:39 GMT
X-Backend
all_requests
Age
521950
ETag
"6451-57305e6470cc0"
X-Cacheable
YES
X-Cache
cached
Content-Type
image/jpeg
X-Cache-Hit
HIT
Date
Mon, 03 Feb 2020 19:56:15 GMT
Accept-Ranges
bytes
Content-Length
25681
X-XSS-Protection
1; mode=block
593154
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=0&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/593154
20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/593154
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0230f3f0463f0d38aec7a025a21da9674ff190699f91bf3c054caec8f5e41d30

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 19:56:17 GMT
Via
1.1 8e04f5d6c745b231c10fce7c2aa9c70f.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 Jan 2020 16:36:33 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"12d4ba09364861906f15ec6c8de8da5d"
X-Cache
Miss from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
20677
X-Amz-Cf-Id
JoxjOMTVuUb1PYb-Q1pToVHaYXPrPR2Omw0WlvoWZ8VRaoMFKeUELQ==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/593154
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
593178
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=1&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/593178
23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/593178
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2e850f50ddfb3fd782d666256a60155a79fa9922910ae7fa889d4c8ec968c8b4

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 14:39:12 GMT
Via
1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 Jan 2020 16:57:29 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"d1b0c878b0972a238d6bb8de7de59b0b"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23636
X-Amz-Cf-Id
bKOl9RF4K0RhB5DghkrkmBz9vsz2S1G1deHHPleANkjEmz1wx9A8KA==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/593178
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
579376
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=2&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/579376
26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/579376
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8ed6c2693121ee9d828dbbb05bd01d1b946ce9bd892bf9ddd2e54bc332344038

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 18:20:05 GMT
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Last-Modified
Mon, 11 Nov 2019 19:35:09 GMT
Server
AmazonS3
Age
456
ETag
"96e178b48358c5762336ae4bdfc99c47"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
X-Amz-Cf-Pop
FRA6-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26123
X-Amz-Cf-Id
WlCp9JezfmgPiBW2HHRFtfg-dInKOQAwQ-4glOJezxfrFU6RUrtDHg==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/579376
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
593165
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=3&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/593165
21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/593165
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
532952e4a838a3809b78bc86940711c091242da637b4da082f8e35ea2051ee6d

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 16:57:02 GMT
Via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
Last-Modified
Tue, 14 Jan 2020 16:57:19 GMT
Server
AmazonS3
Age
454
ETag
"69e28113627b5d04c34ff9de0f5e629d"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
X-Amz-Cf-Pop
FRA6-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21765
X-Amz-Cf-Id
54KhOjqvix5IIiDDYJkzXWODu1pL34nqFlwBZ1MyB3XYHMFiooYwfw==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/593165
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
524391
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=4&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/524391
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/524391
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
14926e95f9d99cf5a4dc78843c045d36ce128e862156448bf30784e8f4eb884e

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Sat, 01 Feb 2020 07:13:44 GMT
Via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
Last-Modified
Wed, 11 Sep 2019 03:51:21 GMT
Server
AmazonS3
Age
19025
ETag
"80d87b5c18597aac5e5b4dd8d1838219"
X-Cache
Hit from cloudfront
Content-Type
image/png
X-Amz-Cf-Pop
FRA6-C1
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22172
X-Amz-Cf-Id
F0MkDOMQBg-8Ayl376eCFlX8-99oLcdQZZBy-KOACsqHWFODASFlJQ==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/524391
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
589729
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=5&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/589729
25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/589729
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28c2246b45da026a89f24e43e54495e19db996040fe0bace2d1a2d01d27846b0

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 14:43:51 GMT
Via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
Last-Modified
Tue, 31 Dec 2019 23:19:49 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"bd4f8adf1fd06e9d27a60140b73ed25b"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25459
X-Amz-Cf-Id
9uBzXQiR6nGTmto3udwjiRl15jAOOTjfy3BswU7txsK2gk6ySxEqzQ==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/589729
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
591474
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=6&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/591474
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/591474
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00565bdc7a5337a1e2931f62b1bcb03eb2f2f2fe5280e53b02167547c037e65a

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 14:43:51 GMT
Via
1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
Last-Modified
Wed, 08 Jan 2020 19:28:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"32f3cec2b40ef751f5ef68411f8e0a37"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30255
X-Amz-Cf-Id
-opN463chossonRTt1h-xU-8p9QvY2j8tGKJ1G2C4hXxhktHTyEvBg==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/591474
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
595848
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41157125&cs_offset=7&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/3904/595848
24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/3904/595848
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
200bd1b02eab6515839fda89aa5eb836496833b1945470f50c9c774ca595da23

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 14:43:51 GMT
Via
1.1 94faae20b0f122c4555025f52a2fd745.cloudfront.net (CloudFront)
Last-Modified
Sat, 25 Jan 2020 22:18:12 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"8c979a6dbdb510da2100d9484057f17d"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
24490
X-Amz-Cf-Id
u6POKnkYiTSKFH-QQaQtHeXJgbXD_0fFXQCP8KKniUCEN51W8hKsHw==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/3904/595848
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
emailbottom2.jpg
partiallypolitics.com/wp-content/uploads/2018/08/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://partiallypolitics.com/wp-content/uploads/2018/08/emailbottom2.jpg
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-198-71-233-109.ip.secureserver.net
Software
/
Resource Hash
d96fa693f4649530b8fce694e0b8ffd09688a1566321d19909a10e1ab07abc56
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security
max-age=300
X-Content-Type-Options
nosniff
Last-Modified
Thu, 09 Aug 2018 19:25:51 GMT
X-Backend
all_requests
Age
521950
ETag
"6aed-5730598508dc0"
X-Cacheable
YES
X-Cache
cached
Content-Type
image/jpeg
X-Cache-Hit
HIT
Date
Mon, 03 Feb 2020 19:56:15 GMT
Accept-Ranges
bytes
Content-Length
27373
X-XSS-Protection
1; mode=block
590507
images-prod.powerinboxedge.com/v3/images/2816/
Redirect Chain
  • http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=117104&cs_sendid=41157125&cs_offset=0&cs_esp=dms
  • http://images-prod.powerinboxedge.com/v3/images/2816/590507
67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://images-prod.powerinboxedge.com/v3/images/2816/590507
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
13.35.253.104 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-104.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99ad085659e0aa43f9cfa4f40ae87b3cad51ce4dd246588b230bdffdfa9f6af7

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 03 Feb 2020 07:00:05 GMT
Via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
Last-Modified
Sat, 04 Jan 2020 00:00:23 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA6-C1
ETag
"3109bad0813def0a6401d8f694acec18"
X-Cache
RefreshHit from cloudfront
Content-Type
image/png
Cache-Control
public, max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68433
X-Amz-Cf-Id
vSJejx9LuwtZWLH0hZ83Hbo48amYgLsWs57mZ2T54VYdVsizWiXZvg==

Redirect headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:15 GMT
X-AspNetMvc-Version
5.2, 5.2
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Location
http://images-prod.powerinboxedge.com/v3/images/2816/590507
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Expires
-1
Content-Length
0
Request-Context
appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff
img.gif
trk.cp20.com/open/g8ff-1qhriz--d3phdr52/ 		77 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://trk.cp20.com/open/g8ff-1qhriz--d3phdr52/img.gif
Requested by
Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
Protocol
HTTP/1.1
Server
216.24.224.100 Ottawa, Canada, ASN17358 (ETOLL1, CA),
Reverse DNS
trk.cpro20.com
Software
WEB03 /
Resource Hash
e59300e0e5efc6b23adc117f9c8d9ddbd2981773a1c49226c7e427df583691f1

Request headers

Referer
http://secure.campaigner.com/csb/Public/show/g8ff-1qhriz--oi51h-d3phdr59
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 03 Feb 2020 19:56:11 GMT
Cache-Control
no-cache
Server
WEB03
Content-Type
image/gif
Content-Length
77
Expires
-1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Domain/Path Name / Value
secure.campaigner.com/ Name: .ASPXANONYMOUS
Value: TlD50V0R1gEkAAAAYmNlNDc5OGMtY2EwMy00NjljLTk5MDAtZDhlNzJlMzJhNDgwJ_fWFJOG_IhWCnmmOrBAVaWVIjk1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *
X-Content-Security-Policy frame-ancestors *
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

branding.revenuestripe.com
g.dmsgs.com
images-prod.powerinboxedge.com
partiallypolitics.com
secure.campaigner.com
stripe.rs-2099-a.com
trk.cp20.com
usmagazine-trending-news.com
13.35.253.104
143.204.214.66
198.71.233.109
216.24.224.100
216.24.224.42
2606:4700:3032::681c:670
70.37.54.108
8.224.216.245
00565bdc7a5337a1e2931f62b1bcb03eb2f2f2fe5280e53b02167547c037e65a
0230f3f0463f0d38aec7a025a21da9674ff190699f91bf3c054caec8f5e41d30
14926e95f9d99cf5a4dc78843c045d36ce128e862156448bf30784e8f4eb884e
18d02b59c3bcde90ba51955da0b6b9b523da3c07090286f84e9b3d4d4f7eaa51
200bd1b02eab6515839fda89aa5eb836496833b1945470f50c9c774ca595da23
2356dce9b1378ae5e81d1f447a653affc7cdff127dd87a3fe64c0b707d5a4779
28c2246b45da026a89f24e43e54495e19db996040fe0bace2d1a2d01d27846b0
2c28cdec1834bc859fe1d7ba835b32172282a83283584e2084fe0646bcfa06b3
2e850f50ddfb3fd782d666256a60155a79fa9922910ae7fa889d4c8ec968c8b4
3e8f432938bb68e2d2ee6cfb81dae2885267c58b1abc04f663266eb0ee028d5b
532952e4a838a3809b78bc86940711c091242da637b4da082f8e35ea2051ee6d
6c46fe96a0b0eeb980b5602e07745b677e63061e0c96f0f4dc2a9b8a20dd7649
7298ac333bec1e6e6cdbccfb3688f900510770ec58fa83db582430c624e3b609
843630b029a0f48dbad89b365e9b1b90fe8c19b3586d2f43090b95814d91751b
8ed6c2693121ee9d828dbbb05bd01d1b946ce9bd892bf9ddd2e54bc332344038
95cc4795236fab4fd79c8f2adfe704397fc7d0a01510c99b51702ef3e32ad43f
967f2ff087e4c912a6f46dab9bb217019061cb78762042475703ea7e257acc40
99ad085659e0aa43f9cfa4f40ae87b3cad51ce4dd246588b230bdffdfa9f6af7
d96fa693f4649530b8fce694e0b8ffd09688a1566321d19909a10e1ab07abc56
d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1
e59300e0e5efc6b23adc117f9c8d9ddbd2981773a1c49226c7e427df583691f1