join.theintercept.com Open in urlscan Pro
52.9.79.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://join.theintercept.com/
Effective URL:
https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Submission: On July 05 via manual (July 5th 2023, 12:25:23 am UTC) from IL — Scanned from DE

Summary HTTP 50 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 10 domains to perform 50 HTTP transactions. The main IP is 52.9.79.12, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is join.theintercept.com. The Cisco Umbrella rank of the primary domain is 416112.
TLS certificate: Issued by R3 on June 20th 2023. Valid for: 3 months.

This is the only time join.theintercept.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	52.9.79.12 52.9.79.12	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:214... 2600:9000:214f:a400:b:cdfc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1 9	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.98.79 143.204.98.79	16509 (AMAZON-02) (AMAZON-02)
1	3.231.186.136 3.231.186.136	14618 (AMAZON-AES) (AMAZON-AES)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
8	3.75.117.33 3.75.117.33	16509 (AMAZON-02) (AMAZON-02)
5	151.101.65.21 151.101.65.21	54113 (FASTLY) (FASTLY)
1	54.148.115.137 54.148.115.137	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.84 64.4.245.84	17012 (PAYPAL) (PAYPAL)
1	2a04:4e42:400... 2a04:4e42:400::291	54113 (FASTLY) (FASTLY)
50	18

5 52.9.79.12 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-79-12.us-west-1.compute.amazonaws.com

join.theintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:a400:b:cdfc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.theintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.194.133 (United States) 1 redirects

ASN54113 (FASTLY, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-79.fra50.r.cloudfront.net

theintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.231.186.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-231-186-136.compute-1.amazonaws.com

c.prod.theintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.75.117.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.65.21 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.115.137 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-115-137.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::291 (United States)

ASN54113 (FASTLY, US)

c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	braintreegateway.com 1 redirects js.braintreegateway.com — Cisco Umbrella Rank: 7273 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8876 assets.braintreegateway.com — Cisco Umbrella Rank: 18903	156 KB
9	theintercept.com join.theintercept.com — Cisco Umbrella Rank: 416112 static.theintercept.com — Cisco Umbrella Rank: 248361 theintercept.com — Cisco Umbrella Rank: 99793 c.prod.theintercept.com — Cisco Umbrella Rank: 290604	378 KB
8	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 5528 b.stats.paypal.com — Cisco Umbrella Rank: 4987 dub.stats.paypal.com — Cisco Umbrella Rank: 19488 c6.paypal.com — Cisco Umbrella Rank: 6614	45 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 63 region1.google-analytics.com — Cisco Umbrella Rank: 1623	21 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9933	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	139 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 274	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 88 ajax.googleapis.com — Cisco Umbrella Rank: 433	35 KB
1	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 9057	366 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 130	350 B
50	10

	Domain	Requested by
8	client-analytics.braintreegateway.com	join.theintercept.com assets.braintreegateway.com
5	c.paypal.com	js.braintreegateway.com c.paypal.com
5	js.braintreegateway.com	join.theintercept.com
5	join.theintercept.com	join.theintercept.com
4	assets.braintreegateway.com	1 redirects js.braintreegateway.com
2	payments.braintree-api.com	join.theintercept.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	join.theintercept.com
2	www.googletagmanager.com	join.theintercept.com www.googletagmanager.com
2	static.theintercept.com	join.theintercept.com static.theintercept.com
2	cdnjs.cloudflare.com	join.theintercept.com
1	c6.paypal.com
1	dub.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	ssl.kaptcha.com	js.braintreegateway.com
1	stats.g.doubleclick.net	join.theintercept.com
1	c.prod.theintercept.com	join.theintercept.com
1	theintercept.com	static.theintercept.com
1	ajax.googleapis.com	join.theintercept.com
1	fonts.googleapis.com	join.theintercept.com
50	20

This site contains links to these domains. Also see Links.

Domain
theintercept.com

Subject Issuer	Validity	Valid
join.theintercept.com R3	`2023-06-20` - `2023-09-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
static.theintercept.com Amazon RSA 2048 M02	`2023-06-28` - `2024-07-26`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-10` - `2023-11-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
theintercept.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-12`	a year	crt.sh
prod.theintercept.com Amazon RSA 2048 M02	`2022-10-26` - `2023-11-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-06-19` - `2023-09-11`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-10-16`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2023-02-24` - `2024-03-26`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2022-10-18` - `2023-10-18`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Frame ID: 1F71097B9E30EB84F42BA6EECD123B6C
Requests: 34 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html
Frame ID: 5EC3C8993D33C8E2CC7D6B9101A2835C
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html
Frame ID: 1D620FC9568CD2B1A36FFC9300DA9573
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html
Frame ID: 68FF29255DA274A5E57B1A901296EA9B
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99
Frame ID: D2B5AC19EA27A7BC9C963EA34F588384
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 86002892F5AA869D7AA38F8CAD57565C
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14
Frame ID: 3749EBC0EAFAE0D588419B1D32F28C10
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate | The Intercept

Page URL History Show full URLs

http://join.theintercept.com/ HTTP 307
https://join.theintercept.com/ Page URL
https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Page URL

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

90 %
HTTPS

47 %
IPv6

10
Domains

20
Subdomains

18
IPs

3
Countries

793 kB
Transfer

2287 kB
Size

7
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://theintercept.com/

Search URL Search Domain Scan URL

URL: https://theintercept.com/terms-use/
Title: TERMS OF USE

Search URL Search Domain Scan URL

URL: https://theintercept.com/donor-privacy/
Title: DONOR PRIVACY

Search URL Search Domain Scan URL

URL: https://theintercept.com/donor-faq/
Title: DONOR FAQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://join.theintercept.com/ HTTP 307
https://join.theintercept.com/ Page URL
https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://join.theintercept.com/ HTTP 307
https://join.theintercept.com/

Request Chain 40

https://assets.braintreegateway.com/data/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99 HTTP 302
https://ssl.kaptcha.com/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99

Request Chain 44

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14 HTTP 302
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
join.theintercept.com/
Redirect Chain

http://join.theintercept.com/
https://join.theintercept.com/

3 KB
1001 B

694ms
217ms

Document
text/html

52.9.79.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-12.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 05 Jul 2023 00:25:19 GMT
server: openresty
vary: Accept-Encoding Cookie, Origin

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://join.theintercept.com/
Non-Authoritative-Reason: HSTS

GET
H2 200 Primary Request now Show response
join.theintercept.com/donate/ 658 KB
215 KB 794ms
794ms Document
text/html 52.9.79.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-12.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: a65c2d0d99187a2f001416d9d7e42e386a310d42b62a280e13dc41100d0fd58b

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 05 Jul 2023 00:25:19 GMT
server: openresty
vary: Accept-Encoding Cookie, Origin

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,600,700

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 04 Jul 2023 23:57:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 05 Jul 2023 00:25:20 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/ 15 KB
2 KB 134ms
49ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/select2.min.css

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1811083
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1640
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VccUAv2aD45NgEaX%2BdSjZgDDvfwgWprFFZMYED3VZa7qU9yxia37Ig8ez0F0CVg%2Fxkjm4tyFzc8xIIIkAwurQTLerxCuG%2B03i4V88EMGJrNVnSPuPwqJwSrxZRNzSTSjEIJVMFm5agG1IBdPoBeOId%2F7"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e1b785d28f8bbb6-FRA
expires: Mon, 24 Jun 2024 00:25:20 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 142ms
39ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Tue, 04 Jul 2023 08:00:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59113
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Jul 2024 08:00:07 GMT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/ 66 KB
16 KB 129ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1296657
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15961
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-108a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TANJoqKePSU%2FkbYsxIhO%2B9IXalHu6H82J8uXqv8UkLXiytifcoZ3B%2FLW0lngzTjjTN5ryNcVi2kR%2B0xUcQkpknAZ7F2i4kstJBlZZguD4UWJmMp7AtDxan7dD9%2BdMB8e%2BzmQqHyEQbdflzY498HflEXs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7e1b785d28f9bbb6-FRA
expires: Mon, 24 Jun 2024 00:25:20 GMT

GET
H2 200 actionkit.js Show response
join.theintercept.com/resources/ 98 KB
36 KB 567ms
565ms Script
application/javascript 52.9.79.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/resources/actionkit.js
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-12.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 832d40be09adf2cca62e837ce2721e27811eb933b05fcd8e5ce3db7cacd2594b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: gzip
last-modified: Tue, 04 Jul 2023 00:05:18 GMT
server: openresty
etag: W/"64a3623e-1897d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Thu, 06 Jul 2023 00:25:20 GMT

GET
H2 200 ti-v1.css
static.theintercept.com/ti.js/ 41 KB
41 KB 174ms
45ms Stylesheet
text/css 2600:9000:214f:a400:b:cdfc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.theintercept.com/ti.js/ti-v1.css
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a400:b:cdfc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8672bbae0961a6d442ea24b584c344363a111e9f5b20b540b842b27d731e9f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:18:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 19:14:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1441
x-amz-server-side-encryption: AES256
etag: "3928587d805a7908e4917742eb61f63d"
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 42076
x-amz-cf-id: dxGBPQXYgbuxRS9AhNNHjLQFpxyHONyCz3AXSNAX6qyTL8NDUOZlBA==

GET
H2 200 ti-v1.js Show response
static.theintercept.com/ti.js/ 53 KB
54 KB 217ms
88ms Script
application/javascript 2600:9000:214f:a400:b:cdfc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.theintercept.com/ti.js/ti-v1.js
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:a400:b:cdfc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eca177f087f533d04d07129a0db8c290b5d9db8526ab5024747f25409bf635ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:18:08 GMT
via: 1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified: Wed, 28 Jun 2023 19:14:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 1201
x-amz-server-side-encryption: AES256
etag: "b05b155ccdaefe0c16354cfe0719fc90"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 54441
x-amz-cf-id: ILapWYIXMzScVQ_ITJLZjFFYM4lqH2VeSIMORROJwKhuMwUa-NfE3g==

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 41 KB
12 KB 159ms
40ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/client.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c7426dab3210a5bf3c4b4924bc678c0001f4765137ba482ac8fc07fb4f32001

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 87cf3a2a48482
dc: ccg11-origin-www-1.paypal.com
content-length: 12100
x-served-by: cache-sjc10051-SJC, cache-fra-eddf8230112-FRA
last-modified: Fri, 10 Dec 2021 00:01:56 GMT
traceparent: 00-000000000000000000087cf3a2a48482-7034305f4327dbde-01
x-timer: S1688516720.217156,VS0,VE0
etag: W/"61b298f4-a4b4"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 1095, 17

GET
H2 200 three-d-secure.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 58 KB
15 KB 164ms
45ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/three-d-secure.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a68f878b0525f6d9ab5cad197a55bf60f8610e4bd0f9867dca3daaf25e99bdfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 320cf0e210e20
dc: ccg11-origin-www-1.paypal.com
content-length: 14871
x-served-by: cache-sjc10023-SJC, cache-fra-eddf8230112-FRA
last-modified: Fri, 10 Dec 2021 00:01:56 GMT
traceparent: 00-0000000000000000000320cf0e210e20-036ffaf2efed47cf-01
x-timer: S1688516720.217642,VS0,VE1
etag: W/"61b298f4-e92a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 133, 1

GET
H2 200 hosted-fields.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 61 KB
16 KB 165ms
45ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

38e7c1f2b12b0503566f214cfcde7353ab180deab7a4ec39d539c0b4623bb761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: d8d220d0cba63
dc: ccg11-origin-www-1.paypal.com
content-length: 16579
x-served-by: cache-sjc1000113-SJC, cache-fra-eddf8230112-FRA
last-modified: Fri, 10 Dec 2021 00:01:56 GMT
traceparent: 00-0000000000000000000d8d220d0cba63-f55ffb2e3a9069e9-01
x-timer: S1688516720.217631,VS0,VE1
etag: W/"61b298f4-f591"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 11045, 1

GET
H2 200 data-collector.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 31 KB
10 KB 162ms
43ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/data-collector.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2f3793dd173f59b85a16571e416ccf588b2034dded889a21b1a1251a1ada52b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: 54e3b5c1e143c
dc: ccg11-origin-www-1.paypal.com
content-length: 10171
x-served-by: cache-sjc10033-SJC, cache-fra-eddf8230112-FRA
last-modified: Fri, 10 Dec 2021 00:01:56 GMT
traceparent: 00-000000000000000000054e3b5c1e143c-07ae8d61c3e07bb7-01
x-timer: S1688516720.217616,VS0,VE0
etag: W/"61b298f4-7bae"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 241, 2

GET
H2 200 us-bank-account.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 24 KB
7 KB 197ms
78ms Script
application/javascript 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/us-bank-account.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

84b343633e2b0f92ed854df2f6c90c3b92c01f9e52f596e12abc4bbeec8afaac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
paypal-debug-id: bd4ab7af32d29
dc: ccg11-origin-www-1.paypal.com
content-length: 6894
x-served-by: cache-sjc10080-SJC, cache-fra-eddf8230112-FRA
last-modified: Fri, 10 Dec 2021 00:01:56 GMT
traceparent: 00-0000000000000000000bd4ab7af32d29-ffcca05a0c10548e-01
x-timer: S1688516720.217636,VS0,VE2
etag: W/"61b298f4-5e10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 114, 1

GET
H2 200 ak_braintree_vzero.js Show response
join.theintercept.com/resources/ 16 KB
4 KB 378ms
377ms Script
application/javascript 52.9.79.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/resources/ak_braintree_vzero.js
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-12.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: gzip
last-modified: Fri, 09 Sep 2022 19:19:05 GMT
server: openresty
etag: W/"631b91a9-4065"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Thu, 06 Jul 2023 00:25:20 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
47 KB 141ms
52ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3FG883

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38fcd6101defae4a4ffe54e6f99da0841c42f087bbf98cf93743a0de46242ead

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48172
x-xss-protection: 0
last-modified: Wed, 05 Jul 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 05 Jul 2023 00:25:20 GMT

GET 4e0f70944bd0a2faaf07.woff
static.theintercept.com/ti.js/ 0
0

GET 0a375848f53f007cd85f.woff
static.theintercept.com/ti.js/ 0
0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 129ms
39ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 04 Jul 2023 23:04:41 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Wed, 05 Jul 2023 01:04:41 GMT

GET
H2 200 parsely.js Show response
theintercept.com/ 66 KB
21 KB 145ms
52ms Script
text/javascript 143.204.98.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://theintercept.com/parsely.js

Requested by

Host: static.theintercept.com
URL: https://static.theintercept.com/ti.js/ti-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-79.fra50.r.cloudfront.net

Software

cloudflare / Express

Resource Hash

99b4e8a609d14d7ee80fc3f9f0a21ffed210ecbcafe9aa00ce0c3beaec7c732d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront), 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
date: Wed, 05 Jul 2023 00:25:20 GMT
x-amz-cf-pop: FRA56-P2, FRA50-C1
age: 28
x-powered-by: Express
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: "106d9-hNMYqYhc5TsAHOo/Ckv0Q4pDNas"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 7dfb7bf46e4090fa-FRA
x-amz-cf-id: lWGM-ZlZaxP1sMdmS65HOpw3R2Bnn-OIdt44miWcVRBvTYPbKO4Vtw==

GET 9893531b7abc7f6ee9c0.woff
static.theintercept.com/ti.js/ 0
0

GET edcbc2f6b7d791cb7e2c.woff
static.theintercept.com/ti.js/ 0
0

GET
H2 200 now Show response
join.theintercept.com/context/ 13 KB
6 KB 461ms
461ms Script
text/javascript 52.9.79.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/context/now?callback=actionkit.forms.onContextLoaded&form_name=donate&required=email&required=country&r=0.015730248635785316&url=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/resources/actionkit.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.79.12 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-79-12.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 7ac034bbf606df64c95946b0fd10113d0b532ef5dd69547097a04cee6df2bb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:21 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Cookie, Origin
content-type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
91 KB 57ms
56ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-94T13D50WM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3FG883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e6b92d9f855de8c40dd491c62a7155683ecbf669f874ad6d7699a8078a4bea7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date: Wed, 05 Jul 2023 00:25:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93557
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 05 Jul 2023 00:25:20 GMT

GET
H2 200 /
c.prod.theintercept.com/plogger/ 43 B
181 B 377ms
118ms Image
image/gif 3.231.186.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.prod.theintercept.com/plogger/?rand=1688516720783&plid=52093299&idsite=theintercept.com&url=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&urlref=https%3A%2F%2Fjoin.theintercept.com%2F&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&sref=https%3A%2F%2Fjoin.theintercept.com%2F&sts=1688516720939&slts=0&title=Donate+%7C+The+Intercept&date=Wed+Jul+05+2023+00%3A25%3A20+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=30919585&u=pid%3D7fda2fc6beb709efcbb25da90e941574
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.231.186.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-231-186-136.compute-1.amazonaws.com
Software: restify /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 05 Jul 2023 00:25:21 GMT
cache-control: no-cache, no-store, must-revalidate
cache: no-cache
server: restify
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 47ms
47ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=849063054&t=pageview&_s=1&dl=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&ul=en-us&de=UTF-8&dt=Donate%20%7C%20The%20Intercept&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1407927741&gjid=835672225&cid=1148584725.1688516721&tid=UA-79475609-15&_gid=837880856.1688516721&_r=1&_slc=1&z=1133599827

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://join.theintercept.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 00:25:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://join.theintercept.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 142ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-94T13D50WM&gtm=45je36s0&_p=849063054&cid=1148584725.1688516721&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1688516721&sct=1&seg=0&dl=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&dr=https%3A%2F%2Fjoin.theintercept.com%2F&dt=Donate%20%7C%20The%20Intercept&en=page_view&_fv=1&_ss=1&ep.anonymizeIp=true
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94T13D50WM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 00:25:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://join.theintercept.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
350 B 174ms
49ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-79475609-15&cid=1148584725.1688516721&jid=1407927741&gjid=835672225&_gid=837880856.1688516721&_u=IEBAAEAAAAAAACAAI~&z=602829187

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://join.theintercept.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 05 Jul 2023 00:25:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://join.theintercept.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 130ms
43ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://join.theintercept.com
access-control-max-age: 1800
date: Wed, 05 Jul 2023 00:25:21 GMT
paypal-debug-id: f522da4a41b74
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 91ms
90ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

b42f94d39da9eaf5144b1e99ce1fd37bab1e0d9e9756d99ea177244ef3c704ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://join.theintercept.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2ODg2MDMxMTksImp0aSI6ImMwZTJiZmM0LWZjYWMtNDQwMi1hOGVjLWQ0MDcxMWY2MTQ5NSIsInN1YiI6Imh0amhwcjR6YjRoM3Q4ankiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Imh0amhwcjR6YjRoM3Q4ankiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.bNP-jbTcEZgECZhQmdEsPjWB6Kncur8glTT2TagK1vUMToGKrgcHy4fdy-z4ARIiw87Mu2SpNITM0v11gSHTdA
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 00:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://join.theintercept.com
paypal-debug-id: 87cc98112a494
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 933

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 47ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-94T13D50WM&gtm=45je36s0&_p=849063054&cid=1148584725.1688516721&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&ngs=1&_s=2&sid=1688516721&sct=1&seg=0&dl=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&dr=https%3A%2F%2Fjoin.theintercept.com%2F&dt=Donate%20%7C%20The%20Intercept&en=scroll&ep.anonymizeIp=true&epn.percent_scrolled=90&_et=9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94T13D50WM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 05 Jul 2023 00:25:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://join.theintercept.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 187ms
41ms Preflight 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 05 Jul 2023 00:25:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 187ms
41ms Preflight 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 05 Jul 2023 00:25:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ 0
350 B 42ms
41ms XHR
text/plain 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://join.theintercept.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 05 Jul 2023 00:25:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ 0
350 B 43ms
42ms XHR
text/plain 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://join.theintercept.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 05 Jul 2023 00:25:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 170ms
41ms Preflight 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 05 Jul 2023 00:25:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ 0
350 B 81ms
42ms XHR
text/plain 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://join.theintercept.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 05 Jul 2023 00:25:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 60 KB
21 KB 145ms
40ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/data-collector.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 201886
date: Wed, 05 Jul 2023 00:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 3286971
x-cache: HIT, HIT
paypal-debug-id: 9c1affd672957
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20747
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (frc/4CE0)
traceparent: 00-00000000000000000009c1affd672957-01cd3a7c71689947-01
x-timer: S1688516722.664426,VS0,VE1
etag: "645e72dc-eeee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 00:25:21 GMT

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.69.0/html/ Frame 5EC3 123 KB
31 KB 72ms
42ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31712
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 05 Jul 2023 00:25:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6376426f-1ec25"
last-modified: Thu, 17 Nov 2022 14:17:19 GMT
paypal-debug-id: 626974419256f
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000626974419256f-2b3b861cb222521a-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 32, 1
x-content-type-options: nosniff
x-served-by: cache-sjc1000087-SJC, cache-fra-eddf8230112-FRA
x-timer: S1688516722.592338,VS0,VE2

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.69.0/html/ Frame 1D62 123 KB
31 KB 75ms
46ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31712
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 05 Jul 2023 00:25:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6376426f-1ec25"
last-modified: Thu, 17 Nov 2022 14:17:19 GMT
paypal-debug-id: 626974419256f
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000626974419256f-2b3b861cb222521a-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 32, 3
x-content-type-options: nosniff
x-served-by: cache-sjc1000087-SJC, cache-fra-eddf8230112-FRA
x-timer: S1688516722.592694,VS0,VE1

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.69.0/html/ Frame 68FF 123 KB
31 KB 74ms
45ms Document
text/html 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public,max-age=3600
content-encoding: br
content-length: 31712
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Wed, 05 Jul 2023 00:25:21 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"6376426f-1ec25"
last-modified: Thu, 17 Nov 2022 14:17:19 GMT
paypal-debug-id: 626974419256f
strict-transport-security: max-age=31557600
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-0000000000000000000626974419256f-2b3b861cb222521a-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: HIT, HIT
x-cache-hits: 32, 3
x-content-type-options: nosniff
x-served-by: cache-sjc1000087-SJC, cache-fra-eddf8230112-FRA
x-timer: S1688516722.592670,VS0,VE1

GET
H/1.1

200
OK

logo.htm Show response
ssl.kaptcha.com/ Frame D2B5
Redirect Chain

https://assets.braintreegateway.com/data/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99
https://ssl.kaptcha.com/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99

41 B
366 B

636ms
203ms

Document
text/html

54.148.115.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/data-collector.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.148.115.137 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-148-115-137.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Length: 41
Content-Type: text/html
Date: Wed, 05 Jul 2023 00:25:22 GMT
Expires: 0
Pragma: no-cache
X-Correlation-Id: 1d335848-0256-4075-bab8-25dd96ddf37b

Redirect headers

accept-ranges: bytes
cache-control: s-maxage=31536000, public, max-age=3600
content-length: 138
content-type: text/html
date: Wed, 05 Jul 2023 00:25:21 GMT
dc: ccg11-origin-www-1.paypal.com
location: https://ssl.kaptcha.com/logo.htm?m=null&s=eccdb72449c0366eb14cbe22dfebed99
paypal-debug-id: d84fd3d434cd6
strict-transport-security: max-age=31557600
traceparent: 00-0000000000000000000d84fd3d434cd6-82d2ee6b0b3c5597-01
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-sjc10021-SJC, cache-fra-eddf8230112-FRA
x-timer: S1688516722.592685,VS0,VE222

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 50ms
40ms Preflight 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.braintreegateway.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Wed, 05 Jul 2023 00:25:21 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ Frame 5EC3 0
356 B 44ms
42ms XHR
text/plain 3.75.117.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.75.117.33 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-117-33.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.braintreegateway.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Date: Wed, 05 Jul 2023 00:25:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 8600 160 B
1 KB 198ms
198ms Document
text/html 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: a7c9fc6e27910
date: Wed, 05 Jul 2023 00:25:21 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: a7c9fc6e27910
server-timing: "traceparent;desc="00-0000000000000000000a7c9fc6e27910-44a246b89e6b1527-01"";content-encoding;desc="",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000a7c9fc6e27910-64f621aed9e3687f-01
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-fra-eddf8230089-FRA
x-timer: S1688516722.742671,VS0,VE158
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/ Frame 3749
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14
https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14

42 B
299 B

197ms
64ms

Image
image/jpeg

64.4.245.84
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14
Protocol: HTTP/1.1
Server: 64.4.245.84 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Wed, 05 Jul 2023 00:25:22 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=cf25a4c1f7fc5efeacc1f25aa4a5a723&t=1688516721.542&a=14
Date: Wed, 05 Jul 2023 00:25:21 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 8600 60 KB
21 KB 42ms
42ms Script
application/javascript 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (frc/4CE0) /

Resource Hash

38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-cache-hits: 201887
date: Wed, 05 Jul 2023 00:25:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 3286971
x-cache: HIT, HIT
paypal-debug-id: 9c1affd672957
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 20747
x-served-by: cache-fra-eddf8230089-FRA
last-modified: Fri, 12 May 2023 17:09:48 GMT
server: ECAcc (frc/4CE0)
traceparent: 00-00000000000000000009c1affd672957-01cd3a7c71689947-01
x-timer: S1688516722.944184,VS0,VE1
etag: "645e72dc-eeee"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: s-maxage=31536000, public,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 00:25:21 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 8600 125 B
566 B 219ms
219ms XHR
application/json 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

331b82bb9360481eae1f71f88b1ce1f952a6f609614644b457ea24089ba3521a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Jul 2023 00:25:22 GMT
via: 1.1 varnish
disable-set-cookie: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: f8a434aa7336c
server-timing: "traceparent;desc="00-0000000000000000000f8a434aa7336c-cc766acc2348b55f-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 125
x-served-by: cache-fra-eddf8230089-FRA
correlation-id: f8a434aa7336c
traceparent: 00-0000000000000000000f8a434aa7336c-70e33f28726cf3eb-01
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 8600 0
262 B 221ms
220ms XHR
text/plain 151.101.65.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 05 Jul 2023 00:25:22 GMT
via: 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS
paypal-debug-id: d59aaac404ec3
server-timing: "traceparent;desc="00-0000000000000000000d59aaac404ec3-a151a1e409b09f9a-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-fra-eddf8230089-FRA
correlation-id: d59aaac404ec3
traceparent: 00-0000000000000000000d59aaac404ec3-ee82d41f5c77bfc9-01
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 8600 0
377 B 343ms
207ms Image
text/plain 2a04:4e42:400::291
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=cf25a4c1f7fc5efeacc1f25aa4a5a723&s=BRAINTREE_SIGNIN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::291 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230088-FRA
date: Wed, 05 Jul 2023 00:25:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: b07d8fe17c45f
via: 1.1 varnish
traceparent: 00-0000000000000000000b07d8fe17c45f-7c73fa7d2326fc6a-01
x-timer: S1688516722.160825,VS0,VE167
x-cache: MISS
paypal-debug-id: b07d8fe17c45f
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="",x-cdn;desc="fastly"
accept-ranges: bytes
timing-allow-origin: *
content-length: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/4e0f70944bd0a2faaf07.woff

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/0a375848f53f007cd85f.woff

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/9893531b7abc7f6ee9c0.woff

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/edcbc2f6b7d791cb7e2c.woff

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
join.theintercept.com/donate	1969-12-31 23:59:59	Name: Value: test
.theintercept.com/	1970-01-20 13:01:58	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join%22%2C%22sref%22:%22https://join.theintercept.com/%22%2C%22sts%22:1688516720939%2C%22slts%22:0}
.theintercept.com/	1970-01-20 22:31:20	Name: _parsely_visitor Value: {%22id%22:%22pid=7fda2fc6beb709efcbb25da90e941574%22%2C%22session_count%22:1%2C%22last_session_ts%22:1688516720939}
.theintercept.com/	1970-01-20 13:03:23	Name: _gid Value: GA1.2.837880856.1688516721
.theintercept.com/	1970-01-20 13:01:56	Name: _gat Value: 1
.theintercept.com/	1970-01-20 22:37:56	Name: _ga Value: GA1.1.1148584725.1688516721
.theintercept.com/	1970-01-20 22:37:56	Name: _ga_94T13D50WM Value: GS1.1.1688516721.1.0.1688516721.0.0.0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/0a375848f53f007cd85f.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/0a375848f53f007cd85f.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/4e0f70944bd0a2faaf07.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/4e0f70944bd0a2faaf07.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/9893531b7abc7f6ee9c0.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/9893531b7abc7f6ee9c0.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/edcbc2f6b7d791cb7e2c.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/edcbc2f6b7d791cb7e2c.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c.prod.theintercept.com
c6.paypal.com
cdnjs.cloudflare.com
client-analytics.braintreegateway.com
dub.stats.paypal.com
fonts.googleapis.com
join.theintercept.com
js.braintreegateway.com
payments.braintree-api.com
region1.google-analytics.com
ssl.kaptcha.com
static.theintercept.com
stats.g.doubleclick.net
theintercept.com
www.google-analytics.com
www.googletagmanager.com
static.theintercept.com
13.248.139.42
143.204.98.79
151.101.194.133
151.101.65.21
2001:4860:4802:34::36
2600:9000:214f:a400:b:cdfc:e300:93a1
2606:4700::6811:180e
2a00:1450:4001:806::2008
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:400c:c00::9a
2a04:4e42:400::291
3.231.186.136
3.75.117.33
52.9.79.12
54.148.115.137
64.4.245.84
0c7426dab3210a5bf3c4b4924bc678c0001f4765137ba482ac8fc07fb4f32001
1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba
2f3793dd173f59b85a16571e416ccf588b2034dded889a21b1a1251a1ada52b8
331b82bb9360481eae1f71f88b1ce1f952a6f609614644b457ea24089ba3521a
3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426
38a98855add87ceae220cdceb1bc4e75e6c5c05346bbedea09279c03043297f2
38e7c1f2b12b0503566f214cfcde7353ab180deab7a4ec39d539c0b4623bb761
38fcd6101defae4a4ffe54e6f99da0841c42f087bbf98cf93743a0de46242ead
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7ac034bbf606df64c95946b0fd10113d0b532ef5dd69547097a04cee6df2bb2f
832d40be09adf2cca62e837ce2721e27811eb933b05fcd8e5ce3db7cacd2594b
84b343633e2b0f92ed854df2f6c90c3b92c01f9e52f596e12abc4bbeec8afaac
8672bbae0961a6d442ea24b584c344363a111e9f5b20b540b842b27d731e9f2d
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
99b4e8a609d14d7ee80fc3f9f0a21ffed210ecbcafe9aa00ce0c3beaec7c732d
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a65c2d0d99187a2f001416d9d7e42e386a310d42b62a280e13dc41100d0fd58b
a68f878b0525f6d9ab5cad197a55bf60f8610e4bd0f9867dca3daaf25e99bdfb
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf
b42f94d39da9eaf5144b1e99ce1fd37bab1e0d9e9756d99ea177244ef3c704ec
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b92d9f855de8c40dd491c62a7155683ecbf669f874ad6d7699a8078a4bea7e
eca177f087f533d04d07129a0db8c290b5d9db8526ab5024747f25409bf635ca

join.theintercept.com Open in urlscan Pro 52.9.79.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

90 %HTTPS

47 %IPv6

10 Domains

20 Subdomains

18 IPs

3 Countries

793 kBTransfer

2287 kBSize

7 Cookies

4 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

join.theintercept.com Open in urlscan Pro
52.9.79.12 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

90 %
HTTPS

47 %
IPv6

10
Domains

20
Subdomains

18
IPs

3
Countries

793 kB
Transfer

2287 kB
Size

7
Cookies

50 HTTP transactions
0 data transactions