donate.stevebullock.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.ngpvan.com/k/10435819/104849065/-682366752?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMjkvMS8...
Effective URL:
https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Submission: On October 01 via api (October 1st 2019, 1:44:12 am UTC) from US

Summary HTTP 50 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 50 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is donate.stevebullock.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 12th 2019. Valid for: 2 years.

This is the only time donate.stevebullock.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2 2	2606:4700:30:... 2606:4700:30::681b:a340	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
9	2600:9000:214... 2600:9000:214f:6800:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	40.114.13.25 40.114.13.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
3	13.32.158.32 13.32.158.32	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	143.204.208.204 143.204.208.204	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 9	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
50	15

14 45.60.33.183 (United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)

click.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
donate.stevebullock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:30::681b:a340 (United States) 2 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

stevebullock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:214f:6800:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.158.32 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-158-32.fra56.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.208.204 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-204.fra53.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	480 KB
11	stevebullock.com 2 redirects stevebullock.com donate.stevebullock.com	35 KB
10	google-analytics.com 1 redirects ssl.google-analytics.com www.google-analytics.com	35 KB
6	ngpvan.com 1 redirects click.ngpvan.com profile.ngpvan.com fastaction.ngpvan.com actions.ngpvan.com secure.ngpvan.com	6 KB
3	verygoodvault.com js.verygoodvault.com	4 KB
2	doubleclick.net stats.g.doubleclick.net	204 B
2	twitter.com platform.twitter.com	28 KB
2	facebook.net connect.facebook.net	60 KB
2	googletagmanager.com www.googletagmanager.com	46 KB
1	visualstudio.com dc.services.visualstudio.com	570 B
1	everyaction.com secure.everyaction.com	1 KB
1	facebook.com staticxx.facebook.com
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	windows.net nvlupin.blob.core.windows.net	11 KB
50	14

	Domain	Requested by
9	www.google-analytics.com	1 redirects www.googletagmanager.com donate.stevebullock.com
9	d3rse9xjbp8270.cloudfront.net	donate.stevebullock.com d3rse9xjbp8270.cloudfront.net
9	donate.stevebullock.com	donate.stevebullock.com az416426.vo.msecnd.net
3	js.verygoodvault.com	d3rse9xjbp8270.cloudfront.net js.verygoodvault.com
2	stats.g.doubleclick.net	donate.stevebullock.com
2	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
2	platform.twitter.com	donate.stevebullock.com platform.twitter.com
2	connect.facebook.net	donate.stevebullock.com connect.facebook.net
2	www.googletagmanager.com	donate.stevebullock.com d3rse9xjbp8270.cloudfront.net
2	stevebullock.com	2 redirects
1	dc.services.visualstudio.com	az416426.vo.msecnd.net
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	secure.everyaction.com	az416426.vo.msecnd.net
1	actions.ngpvan.com	donate.stevebullock.com
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	staticxx.facebook.com	connect.facebook.net
1	ssl.google-analytics.com	donate.stevebullock.com
1	az416426.vo.msecnd.net	donate.stevebullock.com
1	nvlupin.blob.core.windows.net	donate.stevebullock.com
1	click.ngpvan.com	1 redirects
50	21

This site contains links to these domains. Also see Links.

Domain
www.stevebullock.com
fastaction.ngpvan.com
www.ngpvan.com

Subject Issuer	Validity	Valid
clusteroa-khkpu.ngpvanapp.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-12` - `2021-02-20`	2 years	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 5	`2019-05-22` - `2021-05-22`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.ngpvan.com RapidSSL RSA CA 2018	`2018-02-08` - `2021-02-07`	3 years	crt.sh
*.verygoodvault.com Amazon	`2019-05-15` - `2020-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-09-05` - `2019-11-28`	3 months	crt.sh
*.everyaction.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-19` - `2021-02-18`	2 years	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2019-08-30` - `2021-08-30`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Frame ID: 70F1D59B4527582FE41541FE543B3785
Requests: 48 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fdonate.stevebullock.com
Frame ID: 55B10403C70EE795BA9B665001060A24
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter.php?version=44
Frame ID: 3F7B1681E8364DB512EF2D60930CCDE1
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&fieldId=randomId109596313936107028&formId=randomId109546561735041306&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations=validCardNumber&validations=required
Frame ID: EA378C81732092A79B17B049C399CE25
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&fieldId=randomId1012607385289515616&formId=randomId109546561735041306&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: AB42F9652184A720A7799A07B198E7C2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.ngpvan.com/k/10435819/104849065/-682366752?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Z... HTTP 302
http://stevebullock.com/eoq HTTP 301
https://stevebullock.com/eoq HTTP 301
https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

50
Requests

100 %
HTTPS

53 %
IPv6

14
Domains

21
Subdomains

15
IPs

5
Countries

727 kB
Transfer

2223 kB
Size

7
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.stevebullock.com/
Title:

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.ngpvan.com/?utm_source=act.myngp.com&utm_medium=poweredby&utm_campaign=ngpnext
Title: NGP VAN

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.ngpvan.com/k/10435819/104849065/-682366752?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMjkvMS83NDc3MiIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICJiMDI3MTJmYS1kMGUzLWU5MTEtYjVlOS0yODE4Nzg0ZDZkNjgiLA0KICAiRW1haWxBZGRyZXNzIjogInNsYW5kZWZlbGRAcGVya2luc2NvaWUuY29tIg0KfQ@3D@3D@hmac%3Dgs0TnyYtMDAvyxFWdqxOLGUJ4ScWZTTncqDayR9PseM%3D@emci%3Dbb89c863-d0e3-e911-b5e9-2818784d6d68@emdi%3Db02712fa-d0e3-e911-b5e9-2818784d6d68@ceid%3D258845 HTTP 302
http://stevebullock.com/eoq HTTP 301
https://stevebullock.com/eoq HTTP 301
https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=924152024&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Minimal&ev=18&_u=YEDAAEAB~&jid=821520116&gjid=1858193577&cid=1785218978.1569894235&tid=UA-28243511-20&_gid=829651497.1569894235&_r=1&gtm=2wg9i15L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP29%2F1%2F74772&cd4=1003721&cd5=NFC%20EOQ%20-%20September&cd6=ecsGW-8PZk6UwPMOG9XO0w2&z=1543839573 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1785218978.1569894235&jid=821520116&_gid=829651497.1569894235&gjid=1858193577&_v=j79&z=1543839573

50 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set ecsGW-8PZk6UwPMOG9XO0w2 Show response
donate.stevebullock.com/onlineactions/
Redirect Chain

https://click.ngpvan.com/k/10435819/104849065/-682366752?nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9OR1AvTkdQMjkvMS83NDc3MiIsDQogICJEaXN0cmlidXRpb25VbmlxdWVJZCI6ICJiMDI3MTJmYS1kMGUzLWU5MTEtYjV...
http://stevebullock.com/eoq
https://stevebullock.com/eoq
https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

10 KB
5 KB

537ms
467ms

Document
text/html

45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

598d8ea6454198924b62b13dd07bd7b4cc49cc449a0cac8a41d3164432a5a90b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: donate.stevebullock.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Cookie: __cfduid=d977c782f18fdc3bb68b67f0d9cdb613e1569894232
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: TiPMix=77.709293867326; path=/; HttpOnly; Domain=donate.stevebullock.com; Max-Age=3600 x-ms-routing-name=self; path=/; HttpOnly; Domain=donate.stevebullock.com; Max-Age=3600 visid_incap_1983876=oz2NxO+1TaSKS1R6cS+RlVevkl0AAAAAQUIPAAAAAADt9IeajsxvLOQ8/qlAq7gi; expires=Tue, 29 Sep 2020 14:05:07 GMT; path=/; Domain=.stevebullock.com nlbi_1983876=j+djBggQHi2FZz9JbNEK1QAAAAD3ezOXE9hF7tV5qaIaaJFB; path=/; Domain=.stevebullock.com incap_ses_727_1983876=sW8abugr2BzJ3Of7z9MWClivkl0AAAAAqAf5dMK9EX6lkVuKFuaeTg==; path=/; Domain=.stevebullock.com ___utmvmzyuIvopB=TtkalBDQHvE; path=/; Max-Age=900 ___utmvazyuIvopB=rvOShTv; path=/; Max-Age=900 ___utmvbzyuIvopB=uZg XLUOTalT: vtY; path=/; Max-Age=900
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Tue, 01 Oct 2019 01:43:52 GMT
X-Iinfo: 14-147277168-147277177 NNNN CT(87 179 0) RT(1569894231630 38) q(0 0 3 0) r(5 5) U12
X-CDN: Incapsula
Transfer-Encoding: chunked

Redirect headers

status: 301
date: Tue, 01 Oct 2019 01:43:52 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d977c782f18fdc3bb68b67f0d9cdb613e1569894232; expires=Wed, 30-Sep-20 01:43:52 GMT; path=/; domain=.stevebullock.com; HttpOnly; Secure
redirecttype: Quick Page Post Redirect - Quick
x-redirect-by: WordPress
location: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 51eabf878dd2cbbc-VIE

GET
H/1.1 200
OK published.css
donate.stevebullock.com/Content/css/forms/ 389 B
1012 B 371ms
370ms Stylesheet
text/css 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.stevebullock.com/Content/css/forms/published.css
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 01:43:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Sep 2019 23:48:42 GMT
X-CDN: Incapsula
Etag: "069f0997b6ed51:0"
Content-Type: text/css
X-Iinfo: 14-147277168-147276650 2VNN RT(1569894231630 522) q(0 0 0 -1) r(4 4) U18
Content-Length: 237

GET
H/1.1 200
OK script-error Show response
donate.stevebullock.com/js/ 228 B
1 KB 151ms
135ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.stevebullock.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Iinfo: 5-79257896-79257898 NNNN CT(0 0 0) RT(1569894232157 10) q(0 0 0 -1) r(1 1) U4
Content-Length: 258
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Last-Modified: Tue, 01 Oct 2019 01:43:53 GMT
X-Frame-Options: SAMEORIGIN
Date: Tue, 01 Oct 2019 01:43:52 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: Wed, 30 Sep 2020 01:43:53 GMT

GET
H/1.1 200
OK Bullock_3C-250.png
nvlupin.blob.core.windows.net/images/van/NGP/NGP29/1/74772/images/ 11 KB
11 KB 455ms
110ms Image
image/png 52.239.157.138
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/NGP/NGP29/1/74772/images/Bullock_3C-250.png
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1031b65793f501cb09244252331325828e0e576bd17f9d15ef2c725352febd21

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Tue, 01 Oct 2019 01:43:53 GMT
Last-Modified: Tue, 14 May 2019 14:50:46 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D6D87B8C5E4B19
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 9301e292-101e-0023-12f9-777e33000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 11132

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 882 KB
254 KB 34ms
10ms Script
application/javascript 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84a8e1f876372e9d5605ed475a1afd545b3cd45c0f044b6a14fa931c82b17839

Request headers

Sec-Fetch-Mode: cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Origin: https://donate.stevebullock.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 14:23:41 GMT
content-encoding: gzip
age: 40812
x-cache: Hit from cloudfront
status: 200
content-length: 258946
access-control-allow-origin: *
last-modified: Thu, 26 Sep 2019 13:37:17 GMT
server: AmazonS3
etag: "211e6ae1db4d83d678ba9ef73d6fe384"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: fQ7fAiTMLoZNHTgRPEHxcVvsiQx5tcy8T7qpI7pKymp02FXOdUBxYw==

GET
H/1.1 200
OK base-js.gif
donate.stevebullock.com/Content/images/ 35 B
782 B 387ms
373ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.stevebullock.com/Content/images/base-js.gif
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Iinfo: 2-33672200-33668044 2VNN RT(1569894232213 11) q(0 0 0 -1) r(3 3) U18
Date: Tue, 01 Oct 2019 01:43:53 GMT
Last-Modified: Wed, 18 Sep 2019 23:48:42 GMT
X-CDN: Incapsula
Etag: "069f0997b6ed51:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK _Incapsula_Resource Show response
donate.stevebullock.com/ 114 KB
16 KB 16ms
15ms Script
application/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://donate.stevebullock.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1623268381
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 45209b8b74d9538a8b1d9c8be0bf16b90fb53f61c963b3c1bf0df1bc4a07c040

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache
X-Robots-Tag: noindex
Content-Length: 16627
Content-Type: application/javascript

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 95 KB
22 KB 49ms
8ms Script
application/x-javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 01 Oct 2019 01:43:53 GMT
content-encoding: gzip
content-md5: 7JhCKwvLjoUoS5N/nN9LRA==
x-cache: HIT
status: 200
content-length: 21636
x-ms-lease-status: unlocked
last-modified: Tue, 11 Jun 2019 21:34:18 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D6EEB48F61B4AC
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b5aa30da-f01e-004c-4378-7723fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400, immutable
x-ms-version: 2009-09-19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 68 KB
23 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76e11535e5c97d0eed07d4649f4f6cb7eb056d249a9e00b5c3e4359075a28d28

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 01:43:53 GMT
content-encoding: br
last-modified: Tue, 01 Oct 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23678
x-xss-protection: 0
expires: Tue, 01 Oct 2019 01:43:53 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 11ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

683e1aecc56ba96d20e5a0449d14c9b8997730786c2f0340f146e12a0d9c705a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XmPBbEXkt2ofRAHU5zwU+Q==
status: 200
content-length: 1780
etag: "40e58c33d0ace22bf7fe22b8efafff1a"
x-fb-debug: QjZqLNXXS4CECGAmZiSTJysO+CWViomyz5SqiuefFjCd/qjFqWbqBCQOCBzGsW31ePTWRtnqrhrmxXdFoUmzuQ==
x-fb-trip-id: 420120009
x-fb-content-md5: 45715457acbc483f03db8aa665d76df2
x-frame-options: DENY
date: Tue, 01 Oct 2019 01:43:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 01 Oct 2019 01:47:30 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
28 KB 46ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41A0) /
Resource Hash: 45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 01:43:53 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Sep 2019 17:14:55 GMT
Server: ECS (fcn/41A0)
Etag: "2de633c541519a6e0e3cc9b2a90013da+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28608

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:806::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 318
date: Tue, 01 Oct 2019 01:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17168
expires: Tue, 01 Oct 2019 03:38:35 GMT

GET
H/1.1 200
OK with-js.gif
donate.stevebullock.com/Content/images/ 35 B
306 B 425ms
424ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.stevebullock.com/Content/images/with-js.gif
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-Iinfo: 2-33672200-33668243 2VNN RT(1569894232213 472) q(0 0 0 -1) r(5 5) U18
Date: Tue, 01 Oct 2019 01:43:53 GMT
Last-Modified: Wed, 18 Sep 2019 23:48:42 GMT
X-CDN: Incapsula
Etag: "069f0997b6ed51:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK widget_iframe.d6364fae9340b0be5f13818370141fd0.html
platform.twitter.com/widgets/ Frame 55B1 0
0 9ms
8ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.d6364fae9340b0be5f13818370141fd0.html?origin=https%3A%2F%2Fdonate.stevebullock.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4186) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 01 Oct 2019 01:43:53 GMT
Etag: "7d3f6ed140174a20e7c8be261a70a863+gzip"
Last-Modified: Tue, 17 Sep 2019 17:14:06 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4186)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5816

GET
H/1.1 200
OK _Incapsula_Resource
donate.stevebullock.com/ 1 B
113 B 6ms
5ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://donate.stevebullock.com/_Incapsula_Resource?SWKMTFSR=1&e=0.5026696904845629
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Cache-Control: no-cache
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 195 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=8d572f9d8552b5358500f1ec4ffa95d4&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

972011776e1ef949e6ecf16133738cd067930fc665af637b37a5f407c344eca7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Sec-Fetch-Mode: cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Origin: https://donate.stevebullock.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: yxHF9S5RBGlAm4F3gi8XAw==
status: 200
content-length: 59104
etag: "9f5cf8289f5ef23d03a2be277069e7a6"
x-fb-debug: 0DMtbjA0O3e9PhwUP6i0LA30TndbgkzwvXV38L3P/5V9eVKVDuTb0qPZle6IpAJvpJB3e3AdQ6vHGz+37VSDMA==
x-fb-trip-id: 420120009
x-fb-content-md5: 68423144b7d1b3a08dc5faa32d75508c
x-frame-options: DENY
date: Tue, 01 Oct 2019 01:43:53 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 30 Sep 2020 01:16:14 GMT

GET
H/1.1 200
OK identity Show response
profile.ngpvan.com/ 72 B
959 B 546ms
104ms Script
text/javascript 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

de85aacd8c8a067941e1094fcb8828823796720667f55b472b26ee19a8d27503

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 01 Oct 2019 01:43:53 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type: text/javascript; charset=utf-8
Content-Length: 192
ETag: W/"48-vBcSH69REm9WNXoMRHZmiC+mzPQ"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 70 KB
23 KB 15ms
15ms Script
application/javascript 2a00:1450:4001:814::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7652d56038574c3a4b342fcccc41f9a75c6dfedd62250fd03f99d67fb0ca2b9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 01 Oct 2019 01:43:53 GMT
content-encoding: br
last-modified: Tue, 01 Oct 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 23160
x-xss-protection: 0
expires: Tue, 01 Oct 2019 01:43:53 GMT

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 107 KB
20 KB 29ms
8ms Stylesheet
text/css 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00d577147b168b367d2626900d16d6b78295252a62ba8f8792457ff0767b2447

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 14:07:49 GMT
content-encoding: gzip
age: 41764
x-cache: Hit from cloudfront
status: 200
content-length: 20045
access-control-allow-origin: *
last-modified: Thu, 26 Sep 2019 13:37:17 GMT
server: AmazonS3
etag: "a9d88fb8d7ab25fca2c7022d6deacec9"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 45EM2F5Jc0ZwzkNKxnLN6BzacnwCu6uWMMrFDSbqlv_Sufh6GSGQ0Q==

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 93 KB
20 KB 13ms
9ms Stylesheet
text/css 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab9dee38b737bb97d2766443b3e2ec825c4560b6773467180fa67a4d95c153f3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 14:07:49 GMT
content-encoding: gzip
age: 41764
x-cache: Hit from cloudfront
status: 200
content-length: 20114
access-control-allow-origin: *
last-modified: Thu, 26 Sep 2019 13:37:17 GMT
server: AmazonS3
etag: "0d56d10e2e865cb5a540f4f84725c083"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: mxuwarjZmshOa-MFuImtKrm3YZxXYP6nlw35F6YOd-_insGKrU9qEg==

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 9 KB
4 KB 75ms
19ms Script
application/javascript 13.32.158.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 64a207cd38114f4d6e908aee83b78174b25b2770058775d35f9db17fb7724789

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: O0BYcMHc6j6YdpFAtCQ94ElH7tVCZSOL
Content-Encoding: gzip
Last-Modified: Thu, 19 Sep 2019 21:45:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56
Date: Tue, 01 Oct 2019 01:43:53 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: VfGY71e_nDHyZbMjs6eUFfcsDL4k37wJgDjT6Rt_4hq77-LRgq4Kmw==

GET
H/1.1 200
OK ecsGW-8PZk6UwPMOG9XO0w2 Show response
donate.stevebullock.com/v1/Forms/ 21 KB
8 KB 228ms
224ms XHR
application/json 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.stevebullock.com/v1/Forms/ecsGW-8PZk6UwPMOG9XO0w2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

7b6f507d063548060fec7b64fe11a5ee13d9a7f47a2f1eccab9f0c0a90d413e4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
X-Requested-With: XMLHttpRequest
Request-Id: |OUZ0O.Oitfp
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 2-33672200-33672242 NNNN CT(0 0 0) RT(1569894232213 960) q(0 0 0 -1) r(2 2) U2
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Tue, 01 Oct 2019 01:43:54 GMT
Date: Tue, 01 Oct 2019 01:43:54 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
ETag: "d796b40b-d6a2-4644-9686-5d069889d691"
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: -1

GET
H2 200 xd_arbiter.php
staticxx.facebook.com/connect/ Frame 3F7B 0
0 6ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter.php?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=8d572f9d8552b5358500f1ec4ffa95d4&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter.php?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Response headers

status: 200
content-encoding: br
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Tue, 29 Sep 2020 21:36:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-debug: FVkSWhR2mJK6Wt2WkCMKbg9JQdhKyi8wJRthbvLeeztL7JjKN8/5MxCw66dpd96/am90CL8k8CKQklCpVZXmZA==
content-length: 11821
x-fb-trip-id: 420120009
date: Tue, 01 Oct 2019 01:43:54 GMT

GET
H/1.1 200
OK sweetspot.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 8 KB
9 KB 53ms
11ms Script
application/x-javascript 143.204.208.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-204.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 30 Sep 2019 08:46:46 GMT
Via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
Age: 61029
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8149
Last-Modified: Wed, 01 Mar 2017 15:31:32 GMT
Server: AmazonS3
ETag: "37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: nKNRhq_vrnML46VkCDfz5kvz6BStruqZ2445mMPTQ9aydaNkkfhUHA==

GET
H2 200 ngpvan-logo-16.png
d3rse9xjbp8270.cloudfront.net/images/ 617 B
1 KB 7ms
7ms Image
image/png 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/images/ngpvan-logo-16.png
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 29 Sep 2019 09:22:45 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 145270
x-cache: Hit from cloudfront
status: 200
content-length: 617
last-modified: Tue, 06 Aug 2019 22:41:03 GMT
server: AmazonS3
etag: "3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: R8HA_nD7UeP4g6qWI1aC6zl8aYbpJXGT-_yGRTz-z1eHyuJqmN68uQ==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 3622
date: Tue, 01 Oct 2019 00:43:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Tue, 01 Oct 2019 02:43:32 GMT

GET
H/1.1 200
OK identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 453ms
405ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1569894234215=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

42edec687180a15f87352b212229a723cd06b053c163b71af7354e825b6892cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Powered-By: Express
Transfer-Encoding: chunked
P3p: CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo: 5-79258017-79258021 NNNN CT(89 192 0) RT(1569894233481 20) q(0 0 2 2) r(4 4) U4
Date: Tue, 01 Oct 2019 01:43:54 GMT
Connection: keep-alive
Content-Encoding: gzip
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server: Cowboy
Etag: W/"ba-2345937239"
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK gtmtools.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 4 KB
5 KB 8ms
8ms Script
application/javascript 143.204.208.204
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/gtmtools.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.208.204 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-208-204.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 17 Aug 2019 06:47:50 GMT
Via: 1.1 f960fa0538fdb326fc338e984fa7ece9.cloudfront.net (CloudFront)
Age: 14946
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4233
Last-Modified: Tue, 06 Aug 2019 21:06:21 GMT
Server: AmazonS3
ETag: "9e70537eecebd0e559cbe41c8facec34"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA53-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 1cFuLAR2-0wIHY0gCBgivpQ2ugzZf12MlWWtgkP17hbz9vZ65inLmg==

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/fonts/ 94 KB
95 KB 16ms
16ms Font
binary/octet-stream 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Sec-Fetch-Mode: cors
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin: https://donate.stevebullock.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 30 Sep 2019 10:52:50 GMT
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)
age: 53465
x-cache: Hit from cloudfront
status: 200
content-length: 96388
last-modified: Tue, 06 Aug 2019 22:40:56 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: GzaXJL0qmyXrNaSP73VWpWUzMTAUshUxKHiSQuJI_4zXdEg2wNZWcw==

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/ 229 KB
51 KB 11ms
10ms Script
application/javascript 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/intl-tel.input.utils.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 17 Sep 2019 02:28:36 GMT
content-encoding: gzip
age: 1206919
x-cache: Hit from cloudfront
status: 200
content-length: 51946
access-control-allow-origin: *
last-modified: Tue, 06 Aug 2019 22:39:22 GMT
server: AmazonS3
etag: "428c67098f93f60d74773142fdcf64b4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: FITMCzXWayNSNM255CdnMBP2p8ScyDt4DFyYejzs6av5W5h86GFZ7w==

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.png
d3rse9xjbp8270.cloudfront.net/images/ 20 KB
20 KB 13ms
12ms Image
image/png 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/images/flags.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 25 Sep 2019 20:28:33 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 450922
x-cache: Hit from cloudfront
status: 200
content-length: 20389
last-modified: Tue, 06 Aug 2019 22:41:02 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: 8YrGwizxrB8G0oPs-eS_vwry5OMvCArOkSBQGTp1c48yCCcBnbDRwg==

GET
H2 200 cc.png
d3rse9xjbp8270.cloudfront.net/images/ 3 KB
4 KB 378ms
378ms Image
image/png 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/images/cc.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 23 Sep 2019 19:01:57 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: RefreshHit from cloudfront
status: 200
content-length: 3392
last-modified: Tue, 06 Aug 2019 22:41:02 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-storage-class: REDUCED_REDUNDANCY
x-amz-cf-id: rsxDCm42kkP7s3PTirGJwTBZcpYeC_-K-3lCOd4etoW1H2UZDRGR0w==

GET
H/1.1 200
OK ecsGW-8PZk6UwPMOG9XO0w2
actions.ngpvan.com/v1/Track/ 0
1 KB 443ms
397ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.ngpvan.com/v1/Track/ecsGW-8PZk6UwPMOG9XO0w2

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Tue, 01 Oct 2019 01:43:54 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 14-147277501-147277507 NNNN CT(87 179 0) RT(1569894233654 15) q(0 0 3 0) r(4 4) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 fast-action.png
d3rse9xjbp8270.cloudfront.net/images/ 1019 B
1 KB 10ms
10ms Image
image/png 2600:9000:214f:6800:12:303c:8700:21
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/images/fast-action.png
Requested by: Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:6800:12:303c:8700:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 27 Sep 2019 22:45:50 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
age: 269885
x-cache: Hit from cloudfront
status: 200
content-length: 1019
last-modified: Tue, 06 Aug 2019 22:41:02 GMT
server: AmazonS3
etag: "fe324c0498d28e434d58e6d547ba19a1"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: TqDf1prFfgAIOI2yytd2Pi7z5q8MPZuvTmQBxJr54apNuCClUHmtSg==

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame EA37 0
0 381ms
381ms Document
text/html 13.32.158.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&fieldId=randomId109596313936107028&formId=randomId109546561735041306&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&type=card-number&validations=validCardNumber&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Response headers

Content-Type: text/html
Content-Length: 288
Connection: keep-alive
Date: Thu, 19 Sep 2019 22:53:26 GMT
Last-Modified: Thu, 19 Sep 2019 21:46:09 GMT
ETag: "12173d2d5861328026362895698bd703"
x-amz-version-id: v.sr66w.kcO.fFeIyHRfJ3sRl4po02Tk
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: RefreshHit from cloudfront
Via: 1.1 94d63cbf92082237b86267ffd4cacc64.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: dfkRZMQ1C4KEJs_IfDuRV1ITR29IfzadeKtnmHbjHSKQzgXjr23sNA==

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame AB42 0
0 366ms
352ms Document
text/html 13.32.158.32
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&fieldId=randomId1012607385289515616&formId=randomId109546561735041306&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.32.158.32 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-32-158-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Response headers

Content-Type: text/html
Content-Length: 288
Connection: keep-alive
Date: Thu, 19 Sep 2019 22:53:26 GMT
Last-Modified: Thu, 19 Sep 2019 21:46:09 GMT
ETag: "12173d2d5861328026362895698bd703"
x-amz-version-id: v.sr66w.kcO.fFeIyHRfJ3sRl4po02Tk
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 bce55e537f8dfcf0127f649d11fd1821.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56
X-Amz-Cf-Id: B4GN063MWuFHAOnPz31jE8Gw4JJZ9q1LJAUSnXYVA4p0nTnhnxRjmQ==

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
111 B 13ms
12ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=924152024&t=timing&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Downloading&utl=v1&utt=266&_u=YEBAAEAB~&jid=1078042000&gjid=184375035&cid=1785218978.1569894235&tid=UA-28243511-22&_gid=829651497.1569894235&_r=1&gtm=2wg9i15L2FSL&z=413985451

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Oct 2019 01:43:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=924152024&t=event&ni=1&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1785218978.1569894235&jid=821520116&_gid=829651497.1569894235&gjid=1858193577&_v=j79&z=1543839573

35 B
102 B

17ms
17ms

Image
image/gif

2a00:1450:400c:c06::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1785218978.1569894235&jid=821520116&_gid=829651497.1569894235&gjid=1858193577&_v=j79&z=1543839573

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Oct 2019 01:43:54 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 01 Oct 2019 01:43:54 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1785218978.1569894235&jid=821520116&_gid=829651497.1569894235&gjid=1858193577&_v=j79&z=1543839573
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=924152024&t=pageview&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgEAB~&jid=1914593879&gjid=2131062471&cid=1785218978.1569894235&tid=UA-28243511-20&_gid=829651497.1569894235&gtm=2wg9i15L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FNGP%2FNGP29%2F1%2F74772&cd4=1003721&cd5=NFC%20EOQ%20-%20September&cd6=ecsGW-8PZk6UwPMOG9XO0w2&z=1065260207

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 19:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3306782
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 15ms
15ms Image
image/gif 2a00:1450:400c:c06::9c
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-28243511-20&cid=1785218978.1569894235&jid=1914593879&gjid=2131062471&_gid=829651497.1569894235&_u=YGDAgEAB~&z=1945267709

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 01 Oct 2019 01:43:54 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=924152024&t=timing&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Processing&utl=v1&utt=27&_u=YGDAAEAB~&jid=&gjid=&cid=1785218978.1569894235&tid=UA-28243511-22&_gid=829651497.1569894235&gtm=2wg9i15L2FSL&z=1655432751

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 19:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3306782
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=924152024&t=timing&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Render&utl=v1&utt=141&_u=YGDAAEAB~&jid=&gjid=&cid=1785218978.1569894235&tid=UA-28243511-22&_gid=829651497.1569894235&gtm=2wg9i15L2FSL&z=1752508623

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 19:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3306782
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=924152024&t=timing&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Fill&utl=v1&utt=10&_u=YGDAAEAB~&jid=&gjid=&cid=1785218978.1569894235&tid=UA-28243511-22&_gid=829651497.1569894235&gtm=2wg9i15L2FSL&z=502333527

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 19:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3306782
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=924152024&t=timing&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Form&utl=v1&utt=455&_u=YGDAAEAB~&jid=&gjid=&cid=1785218978.1569894235&tid=UA-28243511-22&_gid=829651497.1569894235&gtm=2wg9i15L2FSL&z=164267069

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 19:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3306782
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
4ms Image
image/gif 2a00:1450:4001:81a::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=924152024&t=timing&_s=1&dl=https%3A%2F%2Fdonate.stevebullock.com%2Fonlineactions%2FecsGW-8PZk6UwPMOG9XO0w2&ul=en-us&de=UTF-8&dt=Bullock%20for%20President&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Total&utt=585&_u=YGDAAEAB~&jid=&gjid=&cid=1785218978.1569894235&tid=UA-28243511-22&_gid=829651497.1569894235&gtm=2wg9i15L2FSL&z=2037058073

Requested by

Host: donate.stevebullock.com
URL: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 19:10:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 3306782
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK nvtag Show response
profile.ngpvan.com/v2/data/GZre7eZxejbOKHJlnvjZwC0F/ 2 B
794 B 414ms
121ms XHR
application/json 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/GZre7eZxejbOKHJlnvjZwC0F/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Tue, 01 Oct 2019 01:43:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://donate.stevebullock.com
Access-Control-Allow-Credentials: true
Content-Length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H/1.1 204
No Content GZre7eZxejbOKHJlnvjZwC0F Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 148ms
110ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/GZre7eZxejbOKHJlnvjZwC0F

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Tue, 01 Oct 2019 01:43:54 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://donate.stevebullock.com
X-Iinfo: 5-79258141-79258144 NNNN CT(0 0 0) RT(1569894234546 13) q(0 0 0 0) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content GZre7eZxejbOKHJlnvjZwC0F Show response
secure.ngpvan.com/Databag/Profile/ 0
1 KB 413ms
371ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/GZre7eZxejbOKHJlnvjZwC0F

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Tue, 01 Oct 2019 01:43:55 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://donate.stevebullock.com
X-Iinfo: 14-147277689-147277697 NNNN CT(87 183 0) RT(1569894234540 24) q(0 0 3 0) r(4 4) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content GZre7eZxejbOKHJlnvjZwC0F Show response
donate.stevebullock.com/Databag/Profile/ 0
1 KB 108ms
108ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://donate.stevebullock.com/Databag/Profile/GZre7eZxejbOKHJlnvjZwC0F

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
X-Requested-With: XMLHttpRequest
Request-Id: |OUZ0O.0rrrs
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Tue, 01 Oct 2019 01:43:55 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 2-33672200-33672242 SNNN RT(1569894232213 2316) q(0 0 0 0) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
570 B 511ms
511ms XHR
application/json 51.140.6.23
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7acd994005f04a39f775d8d21a566ab63a04cc7c3bfe0f25f0ca50c069cac6b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://donate.stevebullock.com/onlineactions/ecsGW-8PZk6UwPMOG9XO0w2
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 50DE43DC-9E46-4E2D-8874-33D8434DD546
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Date: Tue, 01 Oct 2019 01:43:55 GMT
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
donate.stevebullock.com/	1970-01-19 04:04:55	Name: ___utmvbzyuIvopB Value: mZp XDYOQalP: vts
.donate.stevebullock.com/	1970-01-22 19:45:13	Name: ProfileDatabagId Value: GZre7eZxejbOKHJlnvjZwC0F
.stevebullock.com/	1970-01-19 12:49:48	Name: visid_incap_1983876 Value: QCKLxb7/S1Gljcc6JWUU0Vqvkl0AAAAAQUIPAAAAAAB5dUELEOUz6Wj6BSBxD9AM
.donate.stevebullock.com/	1970-01-19 04:04:57	Name: x-ms-routing-name Value: self
donate.stevebullock.com/	1970-01-19 04:04:55	Name: ___utmvmzyuIvopB Value: WiqdQwSoTHj
.stevebullock.com/	1969-12-31 23:59:59	Name: incap_ses_727_1983876 Value: 9SSnLpkHgHON3ef7z9MWClqvkl0AAAAA/2V8VGtswAAkqxlQhhTDww==
.donate.stevebullock.com/	1970-01-19 04:04:57	Name: TiPMix Value: 17.460350421006

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading (v1): 266.027099609375ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing (v1): 26.761962890625ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render (v1): 139.159912109375ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill (v1): 9.77490234375ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form (v1): 455.06494140625ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 583.7958984375ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.ngpvan.com
az416426.vo.msecnd.net
click.ngpvan.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
donate.stevebullock.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
staticxx.facebook.com
stats.g.doubleclick.net
stevebullock.com
www.google-analytics.com
www.googletagmanager.com
13.32.158.32
143.204.208.204
152.199.19.160
2600:9000:214f:6800:12:303c:8700:21
2606:2800:234:59:254c:406:2366:268c
2606:4700:30::681b:a340
2a00:1450:4001:806::2008
2a00:1450:4001:814::2008
2a00:1450:4001:81a::200e
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
40.114.13.25
45.60.33.183
51.140.6.23
52.239.157.138
00d577147b168b367d2626900d16d6b78295252a62ba8f8792457ff0767b2447
013819105effb1832cbcbcfcc6317b0045170a7f671bd953a21f0847fa1a2e6e
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
1031b65793f501cb09244252331325828e0e576bd17f9d15ef2c725352febd21
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
42edec687180a15f87352b212229a723cd06b053c163b71af7354e825b6892cc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45209b8b74d9538a8b1d9c8be0bf16b90fb53f61c963b3c1bf0df1bc4a07c040
45491009ecacd44a68ce929f718ec44a30d50b204a1c0302871ea801a2410171
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
598d8ea6454198924b62b13dd07bd7b4cc49cc449a0cac8a41d3164432a5a90b
64a207cd38114f4d6e908aee83b78174b25b2770058775d35f9db17fb7724789
683e1aecc56ba96d20e5a0449d14c9b8997730786c2f0340f146e12a0d9c705a
76e11535e5c97d0eed07d4649f4f6cb7eb056d249a9e00b5c3e4359075a28d28
7acd994005f04a39f775d8d21a566ab63a04cc7c3bfe0f25f0ca50c069cac6b7
7b6f507d063548060fec7b64fe11a5ee13d9a7f47a2f1eccab9f0c0a90d413e4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a8e1f876372e9d5605ed475a1afd545b3cd45c0f044b6a14fa931c82b17839
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
972011776e1ef949e6ecf16133738cd067930fc665af637b37a5f407c344eca7
9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db
ab9dee38b737bb97d2766443b3e2ec825c4560b6773467180fa67a4d95c153f3
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
de85aacd8c8a067941e1094fcb8828823796720667f55b472b26ee19a8d27503
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7652d56038574c3a4b342fcccc41f9a75c6dfedd62250fd03f99d67fb0ca2b9
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

donate.stevebullock.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

53 %IPv6

14 Domains

21 Subdomains

15 IPs

5 Countries

727 kBTransfer

2223 kBSize

7 Cookies

9 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

donate.stevebullock.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

53 %
IPv6

14
Domains

21
Subdomains

15
IPs

5
Countries

727 kB
Transfer

2223 kB
Size

7
Cookies

50 HTTP transactions
2 data transactions