membership.anticitizen.com Open in urlscan Pro
54.87.111.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://membership.anticitizen.com/
Submission: On June 10 via api (June 10th 2024, 5:43:54 pm UTC) from US — Scanned from DE

Summary HTTP 40 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 2 countries across 8 domains to perform 40 HTTP transactions. The main IP is 54.87.111.129, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is membership.anticitizen.com.
TLS certificate: Issued by R3 on May 25th 2024. Valid for: 3 months.

This is the only time membership.anticitizen.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	54.87.111.129 54.87.111.129	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:20a... 2600:9000:20ab:b600:17:fa3:a5c0:21	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	18.245.86.54 18.245.86.54	16509 (AMAZON-02) (AMAZON-02)
2	44.209.125.155 44.209.125.155	14618 (AMAZON-AES) (AMAZON-AES)
5	2600:9000:264... 2600:9000:2646:3800:1d:16ba:9dc0:21	16509 (AMAZON-02) (AMAZON-02)
2	3.5.29.56 3.5.29.56	14618 (AMAZON-AES) (AMAZON-AES)
1	52.92.207.208 52.92.207.208	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.100 142.250.185.100	15169 (GOOGLE) (GOOGLE)
1	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	18.239.94.128 18.239.94.128	16509 (AMAZON-02) (AMAZON-02)
1	216.58.206.74 216.58.206.74	15169 (GOOGLE) (GOOGLE)
40	15

4 54.87.111.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-111-129.compute-1.amazonaws.com

membership.anticitizen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20ab:b600:17:fa3:a5c0:21 (United States)

ASN16509 (AMAZON-02, US)

d2n844f18s487r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.86.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-54.fra60.r.cloudfront.net

sockdrawer.snowstorm.samcart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.209.125.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-125-155.compute-1.amazonaws.com

snowstorm.samcart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2646:3800:1d:16ba:9dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d3uywd90fuiiyf.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.5.29.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

samcart-foundation-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.207.208 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2.amazonaws.com

s3-us-west-2.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.239.94.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-94-128.ams1.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.74 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	cloudfront.net d2n844f18s487r.cloudfront.net d3uywd90fuiiyf.cloudfront.net	424 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	332 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	7 KB
5	stripe.com js.stripe.com — Cisco Umbrella Rank: 1516	169 KB
4	anticitizen.com membership.anticitizen.com	417 KB
3	google.com www.google.com — Cisco Umbrella Rank: 5	969 B
3	amazonaws.com samcart-foundation-prod.s3.amazonaws.com — Cisco Umbrella Rank: 805726 s3-us-west-2.amazonaws.com	2 MB
3	samcart.com sockdrawer.snowstorm.samcart.com — Cisco Umbrella Rank: 728238 snowstorm.samcart.com — Cisco Umbrella Rank: 533886	25 KB
40	8

	Domain	Requested by
6	fonts.gstatic.com	fonts.googleapis.com
6	fonts.googleapis.com	membership.anticitizen.com js.stripe.com
5	js.stripe.com	membership.anticitizen.com js.stripe.com
5	d3uywd90fuiiyf.cloudfront.net	membership.anticitizen.com d3uywd90fuiiyf.cloudfront.net
4	d2n844f18s487r.cloudfront.net	membership.anticitizen.com
4	membership.anticitizen.com	d2n844f18s487r.cloudfront.net
3	www.google.com	membership.anticitizen.com www.gstatic.com
2	samcart-foundation-prod.s3.amazonaws.com	membership.anticitizen.com
2	snowstorm.samcart.com	sockdrawer.snowstorm.samcart.com
1	www.gstatic.com	www.google.com
1	s3-us-west-2.amazonaws.com	membership.anticitizen.com
1	sockdrawer.snowstorm.samcart.com	membership.anticitizen.com
40	12

This site contains links to these domains. Also see Links.

Domain
anticitizen.mysamcart.com

Subject Issuer	Validity	Valid
membership.anticitizen.com R3	`2024-05-25` - `2024-08-23`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
snowstorm.samcart.com Amazon RSA 2048 M02	`2023-10-03` - `2024-10-31`	a year	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.s3-us-west-2.amazonaws.com Amazon RSA 2048 M01	`2024-05-15` - `2025-05-13`	a year	crt.sh
*.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-05-22` - `2024-08-22`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://membership.anticitizen.com/
Frame ID: BDF4D8344C27AB01BFF0EDFE80D2186A
Requests: 34 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 80235FDEAAEC80187CC9680A6047FB5B
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-muas-control-7b86f6e2cd4719e2b01dc71501fb032a.html
Frame ID: C18F005843EC88D9B948C7049A7BDA13
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-payment-c99b58a327704375b21345884ea3b700.html
Frame ID: A83F29D402F6435204CB530D88A0020E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9tZW1iZXJzaGlwLmFudGljaXRpemVuLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=xjltlx4xiyis
Frame ID: 78B373906CA4D91CF9FF5417CB187129
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t
Frame ID: F61CFEBFE3FBD42E4289B878A30FDEEB
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-cda5e6354ef6fb6e5c4b908cbc724e43.html
Frame ID: 889E2BD698F8401E635BDEB150DAC7A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Bunker | Anticitizen OÜ

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

40
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

12
Subdomains

15
IPs

2
Countries

3699 kB
Transfer

6879 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://anticitizen.mysamcart.com/checkout/anticitizenbunker
Title: Join the ANTICITIZEN BUNKER FOR $975 PER YEAR

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

40 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
membership.anticitizen.com/ 2 MB
413 KB 722ms
414ms Document
text/html 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy nginx /
Resource Hash: 65e2ea0d2c795077f2417a1124db684b8c2cf79d3fa9e836d0b38d96ba9c2db8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 10 Jun 2024 17:43:47 GMT
server: Caddy nginx
vary: Accept-Encoding

GET
H2 200 bootstrap-2184737d7e.css
d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/ 135 KB
21 KB 155ms
42ms Stylesheet
text/css 2600:9000:20ab:b600:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/bootstrap-2184737d7e.css
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:b600:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c504c84ef00962ae0d1057c10598f8f1f7f4cd90b80e1353b26ecde10ed77b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 00:38:25 GMT
content-encoding: gzip
via: 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 14:54:49 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 1357522
etag: W/"6650aa39-21c65"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2628000, public
x-amz-cf-id: ojMcavl44LsMBkQzGyDfY0NF1klV7xnJS_Muxhf9PfzXOOni2RvE1Q==
expires: Tue, 25 Jun 2024 10:38:25 GMT

GET
H2 200 app-ff1aed829e.css
d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/ 39 KB
6 KB 198ms
85ms Stylesheet
text/css 2600:9000:20ab:b600:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/styles/app-ff1aed829e.css
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:b600:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9e7a6754478b97c36c6733dc696d2cb127fc5f06accab9ec631ab457f8844bd6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 27 May 2024 10:10:29 GMT
content-encoding: gzip
via: 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 14:54:49 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 1236798
etag: W/"6650aa39-9d09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2628000, public
x-amz-cf-id: ieb36IakcgrJK10M_-QIDnRqKTFtYcX3aVu6yQrcht5QKI2bEBHXcw==
expires: Wed, 26 Jun 2024 20:10:29 GMT

GET
H2 200 template-73c5e261c7.css
d2n844f18s487r.cloudfront.net/modules/templates/v2/launchpad/styles/ 157 KB
27 KB 165ms
53ms Stylesheet
text/css 2600:9000:20ab:b600:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/launchpad/styles/template-73c5e261c7.css
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:b600:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 19d8f3d8f0cc53b102d3ef2c32e190f471aa220a348b371e717119d82d9dab90

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 26 May 2024 12:40:58 GMT
content-encoding: gzip
via: 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront)
last-modified: Fri, 24 May 2024 14:54:49 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 1314169
etag: W/"6650aa39-2723a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=2628000, public
x-amz-cf-id: _0HlbvqCjnXr7vJswieOJsB7Ep9bM5Rrcn1PtdAlN2NTbj9bbVvrBQ==
expires: Tue, 25 Jun 2024 22:40:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 15 KB
2 KB 139ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:700|Roboto:300,400,500,700&display=swap

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f326c9e0ec6dc7c9cdfc987cd19d08771e96854056f2501b3f91d3bb8382a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 17:43:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 17:43:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 17:43:47 GMT

GET
H2 200 weoiy2hd.js Show response
sockdrawer.snowstorm.samcart.com/3.13.1/ 74 KB
25 KB 153ms
45ms Script
application/javascript 18.245.86.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sockdrawer.snowstorm.samcart.com/3.13.1/weoiy2hd.js
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-54.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dffead6a4371e5a178facab7cf528ebad143253fefe79b6b728b9003efe0adf1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Jan 2024 19:52:13 GMT
content-encoding: gzip
via: 1.1 146c0f4d7da9f5b3108ac41c3becbb82.cloudfront.net (CloudFront)
x-amz-version-id: oQ6kNVb.8ZXZD06vxAoy1PasWDZWpj6u
x-amz-cf-pop: FRA60-P6
age: 13384296
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24655
last-modified: Mon, 14 Aug 2023 20:03:23 GMT
server: AmazonS3
etag: "c96219787c75e0a6f8bd5265836120a7"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: wi-OGSXUaIBaC1_L0QzkacN0wqTN827q5mHDNDg7rXgFKOM7VTvNqA==

POST
H2 200 tp2 Show response
snowstorm.samcart.com/com.snowplowanalytics.snowplow/ 2 B
335 B 385ms
118ms XHR
text/plain 44.209.125.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snowstorm.samcart.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: sockdrawer.snowstorm.samcart.com
URL: https://sockdrawer.snowstorm.samcart.com/3.13.1/weoiy2hd.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.125.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-125-155.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://membership.anticitizen.com
date: Mon, 10 Jun 2024 17:43:48 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.2.9
content-length: 2
content-type: text/plain; charset=UTF-8

OPTIONS
H2 200 tp2
snowstorm.samcart.com/com.snowplowanalytics.snowplow/ Frame 0
0 396ms
118ms Preflight 44.209.125.155
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://snowstorm.samcart.com/com.snowplowanalytics.snowplow/tp2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.125.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-125-155.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://membership.anticitizen.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://membership.anticitizen.com
access-control-max-age: 5
content-length: 0
date: Mon, 10 Jun 2024 17:43:48 GMT
server: akka-http/10.2.9

GET
H2 200 fontawesome-all.css
d3uywd90fuiiyf.cloudfront.net/css/ 53 KB
12 KB 228ms
93ms Stylesheet
text/css 2600:9000:2646:3800:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3800:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:48 GMT
content-encoding: gzip
via: 1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jul 2021 21:53:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 478
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=600,must-revalidate
x-amz-cf-id: Htk_pSd3JGcoUfgkU9oqInGXOAqtbJ5CqyfAE_V3qi9m-hZVbm1z5g==

GET
H2 200 index.css
d3uywd90fuiiyf.cloudfront.net/css/ 354 KB
51 KB 172ms
45ms Stylesheet
text/css 2600:9000:2646:3800:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/css/index.css
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3800:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7207a1248aca15e64dd15b9414e651cfa278e80bd8ef78d5368cd19c2d129650

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:39:03 GMT
content-encoding: gzip
via: 1.1 40b08d02195372b460c02aaae6d50d56.cloudfront.net (CloudFront)
last-modified: Tue, 21 May 2024 20:03:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P5
age: 398
x-amz-server-side-encryption: AES256
etag: W/"bc235cedb9815059d8cd97d65716cc68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: whzG1ctRX9BgBxjRgtvhM8dE-5rpSJToqN3GDDlzKTlQiDaahDydyA==

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 56ms
48ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bebas%20Neue|Open%20Sans

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c325de35ad174a5d73467ad5a4ca236171025d34ccb5f9715c1ffd26aeacec75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 17:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 17:43:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 17:43:48 GMT

GET
H/1.1 200
OK 2384efb0-e6ef-4daf-89fb-ceed9358e258
samcart-foundation-prod.s3.amazonaws.com/marketplace-210104/assets/ 22 KB
23 KB 512ms
146ms Image
application/octet-stream 3.5.29.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-210104/assets/2384efb0-e6ef-4daf-89fb-ceed9358e258
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.29.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d60609f07e06e7891ea836ea8979b294235475a6e7043fc83c466c228423d45e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 10 Jun 2024 17:43:49 GMT
Last-Modified: Wed, 01 May 2024 00:32:50 GMT
Server: AmazonS3
x-amz-request-id: B32PGEVPZXJCJ87B
ETag: "f79fd37919971407fa11267f6b8ba704"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 22812
x-amz-id-2: +EQuO51r8omPzaLc0RRKRktIKZHMnmFxU4AXGcAg0MuqtkS6Yb+GPMzmVjVi9vskQKmYaU4e3AHgV7j5FyyhIVFUYuVuY9/d

GET
H2 200 css
fonts.googleapis.com/ 383 B
346 B 56ms
49ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Actor

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25cc2441c15a4a0d7b0102764bee5663c0c63c50fa4389011bf2ab1e891bdb33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 17:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 17:43:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 17:43:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
512 B 68ms
62ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Alata

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

babd96a02521a95e1af591552d231d3b46c04ded9a5286c0245ee1720011e0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 17:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 17:38:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 17:43:48 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
2 KB 70ms
64ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 17:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 16:37:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 17:43:48 GMT

GET
H/1.1 200
OK 1d262948-d34e-4293-a383-b80120ccfd9d
samcart-foundation-prod.s3.amazonaws.com/marketplace-210104/assets/ 2 MB
2 MB 589ms
220ms Image
application/octet-stream 3.5.29.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://samcart-foundation-prod.s3.amazonaws.com/marketplace-210104/assets/1d262948-d34e-4293-a383-b80120ccfd9d
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 3.5.29.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 75788b80f64a9232c669f18c0d8e2e6704f4478ce0c6230f9c2ce8370e4bb12e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 10 Jun 2024 17:43:49 GMT
Last-Modified: Thu, 02 May 2024 15:51:07 GMT
Server: AmazonS3
x-amz-request-id: B32RJ161ND027MTB
ETag: "a2ea060a3beb5a6930a655b8c48af4e8"
x-amz-server-side-encryption: AES256
Content-Type: application/octet-stream
Accept-Ranges: bytes
Content-Length: 2352577
x-amz-id-2: LhxHo3y5G0+e9OIWCA5uB7N2LA2yEVJK0vucsAKgSb52wKxMfuCRsx6MedJS0lDn4m19iOhGuAPht5s/qmRQr2jPf5LWwSe5

GET
H/1.1 200
OK default_image.svg
s3-us-west-2.amazonaws.com/template-builder-assets/images/examples/ 4 KB
4 KB 890ms
226ms Image
image/svg+xml 52.92.207.208
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-us-west-2.amazonaws.com/template-builder-assets/images/examples/default_image.svg
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.92.207.208 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8cad5471f3a698e7bd1f8b38322056d668d2d215efab6a50843f3e6ca27fb88c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 10 Jun 2024 17:43:50 GMT
Last-Modified: Wed, 28 Jul 2021 21:53:42 GMT
Server: AmazonS3
x-amz-request-id: 5RR7YEWRDK5NQM9F
ETag: "d0d8a31cfb4624d1a522851f2fc167b6"
Content-Type: image/svg+xml
Cache-Control: max-age=600,must-revalidate
Accept-Ranges: bytes
Content-Length: 3795
x-amz-id-2: 03SmB81a878hiBKtYlwXymcnODfLizJedejWBSmd//I3T7uW7Pgy8tPlQIZLsr/0paIuYMRNZG0=

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
969 B 174ms
59ms Script
text/javascript 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

cae443bb12ea2b1c7d2bce65473561ff6d09b5a847f36af1666bc6d2bee29d6d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block
expires: Mon, 10 Jun 2024 17:43:48 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 612 KB
169 KB 173ms
47ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

070ae84bf9615ea9e39013d6fc01eb5201f643cae37dcbcc3234102b7938ba86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 10 Jun 2024 17:43:48 GMT
via: 1.1 varnish
age: 5
x-cache: HIT
content-length: 172170
x-request-id: 76c90fed-7eea-4957-ab54-ff69ea3ea362
x-served-by: cache-fra-etou8220028-FRA
last-modified: Mon, 10 Jun 2024 17:35:53 GMT
server: Fastly
etag: "41e0017a6ec53e6d4971da0d881e67ac"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H2 200 app-06d0b6c60e.js Show response
d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/ 490 KB
147 KB 48ms
44ms Script
application/javascript 2600:9000:20ab:b600:17:fa3:a5c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/app-06d0b6c60e.js
Requested by: Host: membership.anticitizen.com
URL: https://membership.anticitizen.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20ab:b600:17:fa3:a5c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 42ce717d93e9629f7538e7dd4e5662bd38e9703598a267fbbe97cc422115ba45

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 06 Jun 2024 15:48:47 GMT
content-encoding: gzip
via: 1.1 2b13b2ad91208ea27acb039cde3e8f42.cloudfront.net (CloudFront)
last-modified: Thu, 06 Jun 2024 15:23:40 GMT
server: nginx
x-amz-cf-pop: AMS58-P3
age: 352501
etag: W/"6661d47c-7a979"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=2628000, public
x-amz-cf-id: 8OLJPrHetpKgJN0EFLjz_AQ9iUnewj7ep-cKlkqgBGYPCTPhJtHwEg==
expires: Sun, 07 Jul 2024 01:48:47 GMT

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0ed7e6dc163c16e3171d5c2bded9722212a305d3e145d43f2ce4f416cff0101

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 wEOzEBbCkc5cO0ejVSk.woff2
fonts.gstatic.com/s/actor/v17/ 21 KB
22 KB 353ms
94ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/actor/v17/wEOzEBbCkc5cO0ejVSk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Actor

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 06:37:50 GMT
x-content-type-options: nosniff
age: 299159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21976
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:22:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 06:37:50 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 412ms
153ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

114f872abf6cae70383b09ca2168821991fde718702d79cdc457a49b03560cb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 23:54:51 GMT
x-content-type-options: nosniff
age: 236938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18260
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 01:59:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 23:54:51 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ 18 KB
18 KB 312ms
54ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas%20Neue|Open%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 08:22:17 GMT
x-content-type-options: nosniff
age: 292892
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 08:22:17 GMT

GET
H2 200 fa-solid-900.woff2
d3uywd90fuiiyf.cloudfront.net/webfonts/ 73 KB
73 KB 907ms
732ms Font
font/woff2 2600:9000:2646:3800:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/webfonts/fa-solid-900.woff2
Requested by: Host: d3uywd90fuiiyf.cloudfront.net
URL: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3800:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:50 GMT
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-length: 74256
last-modified: Wed, 28 Jul 2021 21:53:57 GMT
server: AmazonS3
etag: "418dad87601f9c8abd0e5798c0dc1feb"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600,must-revalidate
vary: Origin
accept-ranges: bytes
x-amz-cf-id: H33CjI5E26VrXHSnky35hBm6evOsKTHYJSvVTruVySfozJ_PRFFN4Q==

GET
H2 200 PbytFmztEwbIoce9zqY.woff2
fonts.gstatic.com/s/alata/v10/ 39 KB
39 KB 411ms
153ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/alata/v10/PbytFmztEwbIoce9zqY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Alata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a880ffc974b0c59d087b023f9b3ae695b73cb138e6b18b16b738b899a25275ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 09:15:21 GMT
x-content-type-options: nosniff
age: 289708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40064
x-xss-protection: 0
last-modified: Tue, 04 Jun 2024 15:43:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 09:15:21 GMT

GET
H2 200 fa-brands-400.woff2
d3uywd90fuiiyf.cloudfront.net/webfonts/ 73 KB
74 KB 981ms
807ms Font
font/woff2 2600:9000:2646:3800:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/webfonts/fa-brands-400.woff2
Requested by: Host: d3uywd90fuiiyf.cloudfront.net
URL: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3800:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:50 GMT
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-length: 74768
last-modified: Wed, 28 Jul 2021 21:53:57 GMT
server: AmazonS3
etag: "5e2f92123d241cabecf0b289b9b08d4a"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600,must-revalidate
vary: Origin
accept-ranges: bytes
x-amz-cf-id: SUNSdCm76-hcKujnP-aFk-A95d9cP9sqwej59nbrFE-5lcFqGQnWyg==

GET
H2 200 fa-regular-400.woff2
d3uywd90fuiiyf.cloudfront.net/webfonts/ 13 KB
14 KB 982ms
807ms Font
font/woff2 2600:9000:2646:3800:1d:16ba:9dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3uywd90fuiiyf.cloudfront.net/webfonts/fa-regular-400.woff2
Requested by: Host: d3uywd90fuiiyf.cloudfront.net
URL: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3800:1d:16ba:9dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://d3uywd90fuiiyf.cloudfront.net/css/fontawesome-all.css
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:50 GMT
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P5
x-cache: Miss from cloudfront
content-length: 13552
last-modified: Wed, 28 Jul 2021 21:53:57 GMT
server: AmazonS3
etag: "e6257a726a0cf6ec8c6fec22821c055f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=600,must-revalidate
vary: Origin
accept-ranges: bytes
x-amz-cf-id: ImV8BnlJcEfGoxoHlCEBJVigt1AUpBqut-HiZCxWdmgNPinZPm6ZrQ==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 297ms
40ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:700|Roboto:300,400,500,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 17:07:38 GMT
x-content-type-options: nosniff
age: 261371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 17:07:38 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/ 515 KB
205 KB 265ms
60ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 14:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 209755
x-xss-protection: 0
last-modified: Mon, 03 Jun 2024 04:00:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 10 Jun 2025 14:16:42 GMT

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame 8023 0
0 208ms
49ms Document
text/html 18.239.94.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-128.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://membership.anticitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 3572
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 16:44:17 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Thu, 30 May 2024 20:04:59 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
x-amz-cf-id: XYxmIcYjH0w46hgoerjk8aruUVMw-3gMXUt8SpThNzkzdRHUgnykZw==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 controller-with-muas-control-7b86f6e2cd4719e2b01dc71501fb032a.html
js.stripe.com/v3/ Frame C18F 0
0 149ms
51ms Document
text/html 18.239.94.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-muas-control-7b86f6e2cd4719e2b01dc71501fb032a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-128.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://membership.anticitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 57
cache-control: max-age=60, stale-while-revalidate=900
content-length: 391
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 17:42:56 GMT
etag: "7b86f6e2cd4719e2b01dc71501fb032a"
last-modified: Mon, 10 Jun 2024 17:04:55 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
x-amz-cf-id: QZJtXLzKmqJ8gXgw3dXmOb-Y9lCp2-ICHdNjMkSQbT2fR2Dx0Us6UA==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 JTUSjIg69CK48gW7PXoo9Wlhyw.woff2
fonts.gstatic.com/s/bebasneue/v14/ 13 KB
14 KB 38ms
37ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bebasneue/v14/JTUSjIg69CK48gW7PXoo9Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bebas%20Neue|Open%20Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://membership.anticitizen.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 23:54:51 GMT
x-content-type-options: nosniff
age: 236938
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13820
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:28:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 23:54:51 GMT

POST
H2 200 context Show response
membership.anticitizen.com/api/v2/checkout/ 3 KB
1 KB 207ms
207ms XHR
application/json 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://membership.anticitizen.com/api/v2/checkout/context
Requested by: Host: d2n844f18s487r.cloudfront.net
URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/app-06d0b6c60e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy, nginx /
Resource Hash: 1443ec9273bc1c1a9543b506831b43dea3df490983ce663666b5e62126abb475

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://membership.anticitizen.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:49 GMT
cache-control: no-cache, private
content-encoding: gzip
server: Caddy, nginx
alt-svc: h3=":443"; ma=2592000
vary: Accept-Encoding
content-type: application/json

GET
H3 200 css Show response
fonts.googleapis.com/ 2 KB
593 B 282ms
153ms Fetch
text/css 216.58.206.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f10.1e100.net

Software

ESF /

Resource Hash

44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Accept: application/json
Referer: https://membership.anticitizen.com/
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 10 Jun 2024 17:43:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Jun 2024 15:57:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jun 2024 17:43:49 GMT

GET
H2 200 elements-inner-payment-c99b58a327704375b21345884ea3b700.html
js.stripe.com/v3/ Frame A83F 0
0 187ms
126ms Document
text/html 18.239.94.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-payment-c99b58a327704375b21345884ea3b700.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-128.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://membership.anticitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 396
cache-control: max-age=31536000
content-length: 559
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 17:37:14 GMT
etag: "c99b58a327704375b21345884ea3b700"
last-modified: Mon, 10 Jun 2024 17:04:55 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
x-amz-cf-id: TxX4I4eEp7b0DQE5rBE3wpzH-WVryaxqB9XIxFUQk7GMbWw3-rczqg==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 78B3 0
0 307ms
75ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t&co=aHR0cHM6Ly9tZW1iZXJzaGlwLmFudGljaXRpemVuLmNvbTo0NDM.&hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&size=invisible&cb=xjltlx4xiyis

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hzmH2qcCF4KM2y9wh4F70g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://membership.anticitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-hzmH2qcCF4KM2y9wh4F70g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jun 2024 17:43:49 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 context Show response
membership.anticitizen.com/api/v2/checkout/ 3 KB
1 KB 258ms
252ms XHR
application/json 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://membership.anticitizen.com/api/v2/checkout/context
Requested by: Host: d2n844f18s487r.cloudfront.net
URL: https://d2n844f18s487r.cloudfront.net/modules/templates/v2/shared/app-06d0b6c60e.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy, nginx /
Resource Hash: 1443ec9273bc1c1a9543b506831b43dea3df490983ce663666b5e62126abb475

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://membership.anticitizen.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:50 GMT
cache-control: no-cache, private
content-encoding: gzip
server: Caddy, nginx
alt-svc: h3=":443"; ma=2592000
vary: Accept-Encoding
content-type: application/json

GET
H2 200 favicon.ico
membership.anticitizen.com/ 1 KB
876 B 127ms
127ms Other
image/x-icon 54.87.111.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://membership.anticitizen.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.87.111.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-87-111-129.compute-1.amazonaws.com
Software: Caddy, nginx /
Resource Hash: 5ea7b8c7fd67fbd0123cff9cfba90399fce92eee6ded95fac519cc360450e6ec

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://membership.anticitizen.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 10 Jun 2024 17:43:50 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2024 15:24:08 GMT
server: Caddy, nginx
etag: W/"66671a98-485"
vary: Accept-Encoding
content-type: image/x-icon
alt-svc: h3=":443"; ma=2592000

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame F61C 0
0 62ms
57ms Document
text/html 142.250.185.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=9pvHvq7kSOTqqZusUzJ6ewaF&k=6LfyULUmAAAAAJld89qgZEGDDIGnjfWqZGBkXh3t

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/9pvHvq7kSOTqqZusUzJ6ewaF/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f4.1e100.net

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iHzW-GMf0OUbocJFu4uNlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://membership.anticitizen.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-iHzW-GMf0OUbocJFu4uNlQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 10 Jun 2024 17:43:50 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 hcaptcha-invisible-cda5e6354ef6fb6e5c4b908cbc724e43.html
js.stripe.com/v3/ Frame 889E 0
0 84ms
84ms Document
text/html 18.239.94.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-cda5e6354ef6fb6e5c4b908cbc724e43.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.94.128 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-94-128.ams1.r.cloudfront.net

Software

Cloudfront /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-YVf62+zUCuXc+687DWFpXJbcvHEt1E9z7oXILHGk3GM='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
age: 2168
cache-control: max-age=31536000
content-encoding: br
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-YVf62+zUCuXc+687DWFpXJbcvHEt1E9z7oXILHGk3GM='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Mon, 10 Jun 2024 17:07:44 GMT
etag: W/"cda5e6354ef6fb6e5c4b908cbc724e43"
last-modified: Mon, 10 Jun 2024 17:05:08 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 03335b4388aac682bcebdd7893781376.cloudfront.net (CloudFront)
x-amz-cf-id: Jy-Y5yFSqo72NiT0t5WpWFdfGBsdTayiEJ8R2Y7bkno0T3_rheQ6jg==
x-amz-cf-pop: AMS1-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-21 01:33:13	Name: _GRECAPTCHA Value: 09ANc4EB8_Xh4AyjEdQT4mVV6ozs2h09qKb1vYoyQ1s3CmcR5acO2jzxFc2cL5rub-bHZLujT1xevTZZBia18sRWI
.membership.anticitizen.com/	1970-01-20 21:16:54	Name: product-867188-checkout Value: eyJpdiI6IkIxQjNSdUlIdmhYUnFsdzV0TUFEVkE9PSIsInZhbHVlIjoibVFGM09xYm1DbVVHdFlSa3ZSWjhxMXc3aDNZSnBjYm9qOU5DWmpuR0c3Zz0iLCJtYWMiOiI5NTRjNDRlMTQzNzk3ZDIzNzliNmNiMjI3YzZjMjAxMWIxOWQyOGI3ZmViNjhlMTVjODNhMGY5MmU3M2QyYmQwIiwidGFnIjoiIn0%3D
.anticitizen.com/	1970-01-20 21:14:03	Name: _sp_ses.113e Value: *
.anticitizen.com/	1970-01-21 06:50:01	Name: _sp_id.113e Value: 45bc27f0-f8ce-4b03-9ab6-b39cdc406f6b.1718041428.1.1718041428..94082326-8a9c-4ce1-9b77-514515913882..e5b90164-31e5-4ab7-9ae7-e07082c0dbc8.1718041428103.1
snowstorm.samcart.com/	1970-01-21 05:59:37	Name: sp Value: 06de6424-2c9e-4405-85a6-c2d0d8944c10
m.stripe.com/	1970-01-21 06:50:01	Name: m Value: 3c0659a0-3a10-4b4d-bff2-13941958d5e8f6f7e1
.membership.anticitizen.com/	1970-01-21 05:59:37	Name: __stripe_mid Value: 9622f8f5-d8a2-4f0e-b6f4-a946a420a5d5eb1129
.membership.anticitizen.com/	1970-01-20 21:14:03	Name: __stripe_sid Value: e810a892-caac-4b94-8971-39c4b258287c1d278f
api2.hcaptcha.com/	1970-01-20 21:14:03	Name: __cflb Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRD1eRBo4kmcdB

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://membership.anticitizen.com/(Line 5961) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://membership.anticitizen.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d2n844f18s487r.cloudfront.net
d3uywd90fuiiyf.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
js.stripe.com
membership.anticitizen.com
s3-us-west-2.amazonaws.com
samcart-foundation-prod.s3.amazonaws.com
snowstorm.samcart.com
sockdrawer.snowstorm.samcart.com
www.google.com
www.gstatic.com
142.250.185.100
151.101.128.176
18.239.94.128
18.245.86.54
216.58.206.74
2600:9000:20ab:b600:17:fa3:a5c0:21
2600:9000:2646:3800:1d:16ba:9dc0:21
2a00:1450:4001:803::200a
2a00:1450:4001:809::2003
2a00:1450:4001:81d::2003
3.5.29.56
44.209.125.155
52.92.207.208
54.87.111.129
02f5dfc0c21e92f3c724260f035833e627513a1b91230cc490a1ea756c95e5e5
070ae84bf9615ea9e39013d6fc01eb5201f643cae37dcbcc3234102b7938ba86
114f872abf6cae70383b09ca2168821991fde718702d79cdc457a49b03560cb0
1443ec9273bc1c1a9543b506831b43dea3df490983ce663666b5e62126abb475
18c504c84ef00962ae0d1057c10598f8f1f7f4cd90b80e1353b26ecde10ed77b
19d8f3d8f0cc53b102d3ef2c32e190f471aa220a348b371e717119d82d9dab90
1f326c9e0ec6dc7c9cdfc987cd19d08771e96854056f2501b3f91d3bb8382a0f
25cc2441c15a4a0d7b0102764bee5663c0c63c50fa4389011bf2ab1e891bdb33
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
42ce717d93e9629f7538e7dd4e5662bd38e9703598a267fbbe97cc422115ba45
44004199012159c073f8c965213f9e0aecd633dfe1d58641d7f497d3c7423a61
5ea7b8c7fd67fbd0123cff9cfba90399fce92eee6ded95fac519cc360450e6ec
65e2ea0d2c795077f2417a1124db684b8c2cf79d3fa9e836d0b38d96ba9c2db8
7207a1248aca15e64dd15b9414e651cfa278e80bd8ef78d5368cd19c2d129650
75788b80f64a9232c669f18c0d8e2e6704f4478ce0c6230f9c2ce8370e4bb12e
8cad5471f3a698e7bd1f8b38322056d668d2d215efab6a50843f3e6ca27fb88c
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9e7a6754478b97c36c6733dc696d2cb127fc5f06accab9ec631ab457f8844bd6
a880ffc974b0c59d087b023f9b3ae695b73cb138e6b18b16b738b899a25275ce
b31aaefa522d67846638fa4181bbb22375bd0cb1beb37d514609c3821953161a
babd96a02521a95e1af591552d231d3b46c04ded9a5286c0245ee1720011e0d9
c3061c3788ad5783ef8a5d10c454bafe7eb942c48200dccc852cc6d3c9f303d4
c325de35ad174a5d73467ad5a4ca236171025d34ccb5f9715c1ffd26aeacec75
cae443bb12ea2b1c7d2bce65473561ff6d09b5a847f36af1666bc6d2bee29d6d
ccf4db1eeb68c96e05e74f8ebfa75cc60c3a0fed862dae6b0ad85d4e1b5b4e4f
d60609f07e06e7891ea836ea8979b294235475a6e7043fc83c466c228423d45e
dc64d7192f84497cacad5c10aef682562c24aa6124270f85fe247e223607f3ed
dffead6a4371e5a178facab7cf528ebad143253fefe79b6b728b9003efe0adf1
e0ed7e6dc163c16e3171d5c2bded9722212a305d3e145d43f2ce4f416cff0101
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fdcf5ef19dcd3005f0369e3482b28be21a70496f2d045f5a4a15d64523018a1d

membership.anticitizen.com Open in urlscan Pro 54.87.111.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

40 Requests

100 %HTTPS

36 %IPv6

8 Domains

12 Subdomains

15 IPs

2 Countries

3699 kBTransfer

6879 kBSize

9 Cookies

1 Outgoing links

Redirected requests

40 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

membership.anticitizen.com Open in urlscan Pro
54.87.111.129 Public Scan

Screenshot
Live screenshot

Full Image

40
Requests

100 %
HTTPS

36 %
IPv6

8
Domains

12
Subdomains

15
IPs

2
Countries

3699 kB
Transfer

6879 kB
Size

9
Cookies

40 HTTP transactions
1 data transactions