urlscan.io logo urlscan.io
SecurityTrails logo

alxsupport.org Open in urlscan Pro
162.215.226.6  Public Scan

Go To Rescan Add Verdict Report
URL: http://alxsupport.org/
Submission: On February 11 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 33 HTTP transactions. The main IP is 162.215.226.6, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is alxsupport.org.
This is the only time alxsupport.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 162.215.226.6 46606 (UNIFIEDLA...)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2600:9000:249... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 104.19.241.93 13335 (CLOUDFLAR...)
1 104.16.224.78 13335 (CLOUDFLAR...)
12 34.171.19.75 396982 (GOOGLE-CL...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... ()
33 10
1    162.215.226.6 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-215-226-6.unifiedlayer.com
alxsupport.org
4    2606:4700:3036::6815:2d5f (United States)

ASN13335 (CLOUDFLARENET, US)
hosted-page.civiclick.com
2    2600:9000:2491:4600:d:561:3340:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.ziggeo.com
3    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    104.19.241.93 (None, )

ASN13335 (CLOUDFLARENET, US)
app.civiclick.com
1    104.16.224.78 (None, )

ASN13335 (CLOUDFLARENET, US)
c36a393eb9c63627b26702c65282347a.cdn.bubble.io
12    34.171.19.75 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 75.19.171.34.bc.googleusercontent.com
xe23-8wgk-j2zo.n7c.xano.io
7    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a06:98c1:3120::3 (None, )

ASN- ()
xano-api.civiclickapi.com
Domain Requested by
12 xe23-8wgk-j2zo.n7c.xano.io hosted-page.civiclick.com
7 fonts.gstatic.com fonts.googleapis.com
4 hosted-page.civiclick.com 1 redirects alxsupport.org
hosted-page.civiclick.com
3 fonts.googleapis.com hosted-page.civiclick.com
2 app.civiclick.com hosted-page.civiclick.com
2 assets.ziggeo.com hosted-page.civiclick.com
1 xano-api.civiclickapi.com hosted-page.civiclick.com
1 c36a393eb9c63627b26702c65282347a.cdn.bubble.io hosted-page.civiclick.com
1 alxsupport.org
33 9

This site contains no links.

Subject Issuer Validity Valid
hosted-page.civiclick.com
E1		 2024-01-05 -
2024-04-04		 3 months crt.sh
*.ziggeo.com
Amazon RSA 2048 M01		 2023-06-27 -
2024-07-25		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
app.civiclick.com
Cloudflare Inc ECC CA-3		 2023-10-18 -
2024-10-17		 a year crt.sh
bubble.io
Cloudflare Inc ECC CA-3		 2023-11-16 -
2024-11-15		 a year crt.sh
*.a2.xano.io
R3		 2023-12-08 -
2024-03-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
civiclickapi.com
GTS CA 1P5		 2024-01-30 -
2024-04-29		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://alxsupport.org/
Frame ID: E74F6C343AD073B360AF227492B84AB4
Requests: 1 HTTP requests in this frame

Frame: https://hosted-page.civiclick.com/?campaign_ref=5013
Frame ID: C5903CACE6CE4744C00D34A5DCA2F3C7
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

33
Requests

94 %
HTTPS

56 %
IPv6

8
Domains

9
Subdomains

10
IPs

3
Countries

992 kB
Transfer

4141 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://hosted-page.civiclick.com/?campaign_ref=5013 HTTP 301
  • https://hosted-page.civiclick.com/?campaign_ref=5013

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
alxsupport.org/ 		355 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
http://alxsupport.org/
Protocol
HTTP/1.1
Server
162.215.226.6 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-215-226-6.unifiedlayer.com
Software
nginx /
Resource Hash
3a05105c7f1b30970b89a4b3d6340ed594318fdee04c940f175699b7758d7dd3
Security Headers
Name Value
X-Frame-Options GOFORIT

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/html; charset=utf-8
Date
Sun, 11 Feb 2024 22:19:06 GMT
Server
nginx
Transfer-Encoding
chunked
X-Frame-Options
GOFORIT
/
hosted-page.civiclick.com/ Frame C590
Redirect Chain
  • http://hosted-page.civiclick.com/?campaign_ref=5013
  • https://hosted-page.civiclick.com/?campaign_ref=5013
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hosted-page.civiclick.com/?campaign_ref=5013
Requested by
Host: alxsupport.org
URL: http://alxsupport.org/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9f32b345c4a4319b579f5fcc6e1dd905371fa4232b797d168f9cc6425d65870b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://alxsupport.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
853ff8baaa5dbbda-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 11 Feb 2024 22:19:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amqn4qhqDlOvOI64qvy8zq%2BQ2tzPcE9twiIjPW0kNDVEx5U3HA4Abh7Tp7fT3J%2Fjfq6z1orocVPAUBorJLVdQJLeMkFUQYhm3ToNaE090%2Fxbw1jMUQ77tkNcfOc9CdzxBroQBL2kLGADQwC%2B2KRas%2FRAWQ2QpL6i"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
853ff8b82fbf2c57-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Sun, 11 Feb 2024 22:19:06 GMT
Expires
Sun, 11 Feb 2024 23:19:06 GMT
Location
https://hosted-page.civiclick.com/?campaign_ref=5013
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrG%2BlmFLbEefqdsz0EidI5oI3ukDosxeDgm1uJUGwX2cGRMBV1FV27OUtjC%2BKz%2BITVWX0viQNfoIYSjG%2BVujUa1bfrLXK%2BmOqPOzZqDbY3bDh6fFeYYwt6IVrRNREp%2BAt9c2PO%2FnFMASuPOq9QgWDJg1zq1aDMsH"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
ziggeo.css
assets.ziggeo.com/v2-stable/ Frame C590 		346 KB
66 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.ziggeo.com/v2-stable/ziggeo.css
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/?campaign_ref=5013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4600:d:561:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
280b1f979dcec0787e26820ec52d55f50f9c5263f58c15661c813f6c3d836c3e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 02:43:23 GMT
content-encoding
gzip
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
last-modified
Mon, 31 Jul 2023 19:34:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
70548
x-amz-server-side-encryption
AES256
etag
W/"07641abd0698843da22bfa1f98889b87"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
joAk9Qsg1RfZsFe8u_-09DilQP0F_uFCD1aaoR9c259XHZ1kh49dIQ==
index-6097168b.js
hosted-page.civiclick.com/assets/ Frame C590 		859 KB
259 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hosted-page.civiclick.com/assets/index-6097168b.js
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/?campaign_ref=5013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
900a6a55e6daebd8d2074cdcfa84343381a0b7831d84650acfd1afcdab752222
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hosted-page.civiclick.com/?campaign_ref=5013
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:07 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
MISS
etag
W/"4b0f8ef2eb5a595c2e1d81ce7e139fbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TkdEEPyyR9VNmOmC4csFT6dhxVnLfcazl5Xf6YWHQ5ArbJSagCUaN%2BFCQjpiLGKw6WWlGgdJqY4Ecn1cYC69mAH38WNz4EFXYJd5Z26GmjPCUb3FaHsOkSw%2FDko0QRcblVP9gOWQL30sK06qfU1CnVhTr8AR55Jo"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
853ff8bc1baebbda-FRA
alt-svc
h3=":443"; ma=86400
index-d8826324.css
hosted-page.civiclick.com/assets/ Frame C590 		300 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hosted-page.civiclick.com/assets/index-d8826324.css
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/?campaign_ref=5013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:2d5f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8826324560c03643633feb113deea51d3bdf4a6339541cf373b73691dd6c803
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/?campaign_ref=5013
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:07 GMT
content-encoding
br
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-cache-status
REVALIDATED
etag
W/"efa4e1f5722aebbfd94730a0ac5f5b55"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PTq0x7OWDcvne0qiMImaIneCp2IZ%2F3zueUOKUW9tcRjXmuaJOdnkr2jbRG9W6VLWkow7Odtgs5HjWEeIEga0X88%2FzNb4Z6mmZAkX3qDedIqNbU11Mb03umwIWBnA2cXPFmANgvAMiNYRWDSO"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400, must-revalidate
cf-ray
853ff8bc1badbbda-FRA
alt-svc
h3=":443"; ma=86400
ziggeo.js
assets.ziggeo.com/v2-stable/ Frame C590 		2 MB
388 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ziggeo.com/v2-stable/ziggeo.js
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/?campaign_ref=5013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:4600:d:561:3340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd71f93776fd0bf0e0459511039f6dc988688e8e030bf95f12c60de6a66a68da

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 08:56:52 GMT
content-encoding
gzip
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront)
last-modified
Mon, 31 Jul 2023 19:34:41 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
48136
x-amz-server-side-encryption
AES256
etag
W/"9aa5b2299ab60d8fab4cb1f9aa6ab0b8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
6slalPldo2YN-nbHoPCL7g8F-AqhkMiiiC2P1uXfYJEEHGl0ObTFtg==
css
fonts.googleapis.com/ Frame C590 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap&subset=cyrillic
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-d8826324.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Feb 2024 22:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 22:19:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Feb 2024 22:19:07 GMT
css
fonts.googleapis.com/ Frame C590 		10 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e7b5a1dbf596634c08a99e3304b7b4f10c3425a4270abd229c4e4fbdbae7e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Feb 2024 22:19:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 22:13:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Feb 2024 22:19:07 GMT
Widget%20Theme
app.civiclick.com/api/1.1/obj/ Frame C590 		649 B
809 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.civiclick.com/api/1.1/obj/Widget%20Theme?constraints=[%7B%22key%22:%22Campaign+ID%22,%22constraint_type%22:%22equals%22,%22value%22:%225013%22%7D]
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c1b7a251c2090472b7ac20e148a58a4142e3e2f848f3a18734e750d7290e4784

Request headers

Accept
application/json, text/plain, */*
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":18.6,"percents":{"top":{"bubble_cpu":48.4,"block":46.7,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":10.7,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":34.8,"fiber_queue":1,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":2,"userdb_data":814,"spent_time":2353526}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-bubble-capacity-used
0.036 unit-seconds used
cf-ray
853ff8bf89f8453a-TXL
x-bubble-capacity-limit
0 ms slower
Ellipsis-1s-200px%20%282%29.svg
c36a393eb9c63627b26702c65282347a.cdn.bubble.io/f1687357046658x539719950669309100/ Frame C590 		3 KB
968 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c36a393eb9c63627b26702c65282347a.cdn.bubble.io/f1687357046658x539719950669309100/Ellipsis-1s-200px%20%282%29.svg
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/?campaign_ref=5013
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.224.78 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7c89d6640487f2ea1b50df321c57afc23150c1b8382292e6de55a288b3d5b7
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:08 GMT
x-amz-version-id
DkNgDleReenIUIOg.RMNaQJYi45LAoqY
content-encoding
br
cf-cache-status
HIT
content-security-policy
script-src 'none'
x-amz-request-id
JFAJJYNZTBSV1REW
x-amz-server-side-encryption
AES256
x-amz-meta-app-version
35gj
x-amz-id-2
xoPzqgOmprP+T4rpXL7TcO5CUqkgSeK9X4hewZ4UGXPzpZry+AqYMev9HV4zovjA5Onmd+3zFKE=
x-amz-meta-appname
civiclick
last-modified
Wed, 21 Jun 2023 14:17:27 GMT
server
cloudflare
etag
W/"b82f0f6246a205a51f10691e71174746"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=86400
cf-ray
853ff8bfaa069951-FRA
generate_token_from_campaign_id
xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/generate_token_from_campaign_id
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-data-source
Access-Control-Request-Method
POST
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 22:19:08 GMT
expires
Thu, 13 Feb 2014 22:19:08 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
generate_token_from_campaign_id
xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/generate_token_from_campaign_id
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-data-source
Access-Control-Request-Method
POST
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 22:19:08 GMT
expires
Thu, 13 Feb 2014 22:19:08 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
generate_token_from_campaign_id
xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/generate_token_from_campaign_id
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-data-source
Access-Control-Request-Method
POST
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 22:19:08 GMT
expires
Thu, 13 Feb 2014 22:19:08 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
generate_token_from_campaign_id
xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/ Frame C590 		394 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/generate_token_from_campaign_id
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
3c704e6180f0b04d1facf81cc8c73707a160ea1a04c590680bb517566c375baf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 22:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Thu, 13 Feb 2014 22:19:08 GMT
generate_token_from_campaign_id
xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/ Frame C590 		394 B
908 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/generate_token_from_campaign_id
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
b55ba099bdbabc95162296d7265be2e7537b3e15ed742599fb0533b5a775b50d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 22:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Thu, 13 Feb 2014 22:19:08 GMT
generate_token_from_campaign_id
xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/ Frame C590 		394 B
907 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:sH7glm_N/auth/generate_token_from_campaign_id
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
3d7242874fa618486eb1f41ebdfce8e571fbb880bc3d8e63de4a7a4aec8de063
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 22:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Thu, 13 Feb 2014 22:19:08 GMT
Social%20Share%20Settings
app.civiclick.com/api/1.1/obj/ Frame C590 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.civiclick.com/api/1.1/obj/Social%20Share%20Settings?constraints=[%7B%22key%22:%22Campaign+ID%22,%22constraint_type%22:%22equals%22,%22value%22:%225013%22%7D]
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.241.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
393a5d91de35ad682065bd7a19c3581b271a1c1d92a35be33c9ece71a2230390

Request headers

Accept
application/json, text/plain, */*
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":19.9,"percents":{"top":{"bubble_cpu":45,"block":50.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2},"sub":{"pp_userdb":10.1,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":38.9,"fiber_queue":0.9,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":2,"userdb_data":3526,"spent_time":2339424}}
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-bubble-capacity-used
0.036 unit-seconds used
cf-ray
853ff8bf89f9453a-TXL
x-bubble-capacity-limit
0 ms slower
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600,700,800,900&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
css
fonts.googleapis.com/ Frame C590 		10 KB
681 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e7b5a1dbf596634c08a99e3304b7b4f10c3425a4270abd229c4e4fbdbae7e4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hosted-page.civiclick.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 11 Feb 2024 22:19:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 11 Feb 2024 21:59:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 11 Feb 2024 22:19:08 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ Frame C590 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:100,200,300,400,500,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hosted-page.civiclick.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 17:34:04 GMT
x-content-type-options
nosniff
age
535504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 17:34:04 GMT
campaign_integrations
xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/ Frame C590 		15 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/campaign_integrations?campaign_id=5013
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
ff9c534d8448cd26fb0c3076ac8e5b6fcf4d3537e8d4a5249e4bec6d56664582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.oyTaf1MHImcvaAC2f6oTHaiS6JhQOxPXwdxDqxtnHX0w3ks4DTkCX2xjZ2XVZNaAEqW_nD1gN3fmFeBqLEZhFoaC-0Y7Fs9d.b9OTMafEL9Ducn21mCnTzw.DXddcbQg1xRzUmmoOOD04BVFYYBcqRfILybhQAnp-UvqnMZsnlSF6zAM7AEwJh3ksZZgjXD2J7FMAVx651ORYBmbHpgiI0-bZ3oinh1wPIP6XzmFk4vXfE0FgLRUebtLV6B9tXUuYR_e8-1zf04fjw.xa7EYuJSPyUHneziNHAFELqRvdmkgBiiuXsj8h3dDgk
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Thu, 13 Feb 2014 22:19:09 GMT
get
xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/campaign_cache_signature/ Frame C590 		40 B
618 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/campaign_cache_signature/get
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
3006c00815d774e9d406579259dde68bf6780bfc0adffb79b902e37dab86f756
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 11 Feb 2024 22:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Thu, 13 Feb 2014 22:19:09 GMT
5013
xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/ticker_theme/ Frame C590 		96 B
658 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/ticker_theme/5013
Requested by
Host: hosted-page.civiclick.com
URL: https://hosted-page.civiclick.com/assets/index-6097168b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
685a7fd976a5613a6d5f9df5750390b6c218e50475fcdc049c6537e926b11b33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
X-Data-Source
live
Referer
https://hosted-page.civiclick.com/
accept-language
de-DE,de;q=0.9
Authorization
Bearer eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMjU2Q0JDLUhTNTEyIiwiemlwIjoiREVGIn0.MOWqmqPiXpt82M8qrlKPRU9omyLohjmKomH5lFSfvv9rCDSLL7EgsEUPN8NCpCL1ovCe0kQ3fa-ZB6t7VUt3a71d-d92EWkX.p26y2PB4UVOy_CzJKHNFEg.HgTgKWfdhDkeK3LcNgZ52lDbtlMWl0ur5ni4H9S4A98fZQCt5vDVitEyN0j7Eu0uLW9bZmJ36t-dQ57OaeZafuuFZotgQpZzCkdmXIrd-0wt2lFdF7F-CU0RgkQfNIajp2M-6dKmdcotjcZ1kRCdOQ.lzEfZFPLJQ8OzZqI_WRTLI4nqL2nWKbLZYqU5ewErVc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Sun, 11 Feb 2024 22:19:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-xss-protection
1; mode=block
pragma
no-cache
x-frame-options
deny
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-max-age
86400
access-control-allow-headers
*
expires
Thu, 13 Feb 2014 22:19:09 GMT
campaign_integrations
xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/campaign_integrations?campaign_id=5013
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 22:19:08 GMT
expires
Thu, 13 Feb 2014 22:19:08 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
get
xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/campaign_cache_signature/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/campaign_cache_signature/get
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-data-source
Access-Control-Request-Method
POST
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 22:19:08 GMT
expires
Thu, 13 Feb 2014 22:19:08 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
5013
xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/ticker_theme/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xe23-8wgk-j2zo.n7c.xano.io/api:4eGZX53V/ticker_theme/5013
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.171.19.75 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
75.19.171.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,x-data-source
Access-Control-Request-Method
GET
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-methods
GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 11 Feb 2024 22:19:08 GMT
expires
Thu, 13 Feb 2014 22:19:08 GMT
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains;
x-app
hit
x-content-type-options
nosniff
x-frame-options
deny
x-xss-protection
1; mode=block
get_campaign_by_id
xano-api.civiclickapi.com/v1/ Frame C590 		0
0
get_campaign_by_id
xano-api.civiclickapi.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://xano-api.civiclickapi.com/v1/get_campaign_by_id?campaign_id=5013&campaign_signature=1707676351117
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,cache-control,x-data-source
Access-Control-Request-Method
GET
Origin
https://hosted-page.civiclick.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type, X-Data-Source, x-data-source, Cache-Control
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
DYNAMIC
cf-ray
853ff8caae125fdf-SIN
content-encoding
br
content-type
text/html;charset=UTF-8
date
Sun, 11 Feb 2024 22:19:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqZrZbTkL7jUMJUbtCXBRWfzbSya4kgtA0H8Skr%2FlL1uQpt46FHaTyl2rdHHtEbkZl1%2FsoVHw8QVez0Ok7jByvBFOX3LAXJyrFzhVYHDSdKry941LKmYyXrWbq2YMh8kgzZnqgJwyTfqQhh4CqPxerdt%2B42cRzNC"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
xano-api.civiclickapi.com
URL
https://xano-api.civiclickapi.com/v1/get_campaign_by_id?campaign_id=5013&campaign_signature=1707676351117

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options GOFORIT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alxsupport.org
app.civiclick.com
assets.ziggeo.com
c36a393eb9c63627b26702c65282347a.cdn.bubble.io
fonts.googleapis.com
fonts.gstatic.com
hosted-page.civiclick.com
xano-api.civiclickapi.com
xe23-8wgk-j2zo.n7c.xano.io
xano-api.civiclickapi.com
104.16.224.78
104.19.241.93
162.215.226.6
2600:9000:2491:4600:d:561:3340:93a1
2606:4700:3036::6815:2d5f
2a00:1450:4001:806::200a
2a00:1450:4001:812::2003
2a06:98c1:3120::3
34.171.19.75
1e7b5a1dbf596634c08a99e3304b7b4f10c3425a4270abd229c4e4fbdbae7e4e
280b1f979dcec0787e26820ec52d55f50f9c5263f58c15661c813f6c3d836c3e
3006c00815d774e9d406579259dde68bf6780bfc0adffb79b902e37dab86f756
393a5d91de35ad682065bd7a19c3581b271a1c1d92a35be33c9ece71a2230390
3a05105c7f1b30970b89a4b3d6340ed594318fdee04c940f175699b7758d7dd3
3c704e6180f0b04d1facf81cc8c73707a160ea1a04c590680bb517566c375baf
3d7242874fa618486eb1f41ebdfce8e571fbb880bc3d8e63de4a7a4aec8de063
685a7fd976a5613a6d5f9df5750390b6c218e50475fcdc049c6537e926b11b33
900a6a55e6daebd8d2074cdcfa84343381a0b7831d84650acfd1afcdab752222
9f32b345c4a4319b579f5fcc6e1dd905371fa4232b797d168f9cc6425d65870b
b55ba099bdbabc95162296d7265be2e7537b3e15ed742599fb0533b5a775b50d
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c1b7a251c2090472b7ac20e148a58a4142e3e2f848f3a18734e750d7290e4784
cd71f93776fd0bf0e0459511039f6dc988688e8e030bf95f12c60de6a66a68da
ce7c89d6640487f2ea1b50df321c57afc23150c1b8382292e6de55a288b3d5b7
d8826324560c03643633feb113deea51d3bdf4a6339541cf373b73691dd6c803
f1e4c18549167223af672ff319ac7293d52e09fd02544d08d4166078b5f36c4d
ff9c534d8448cd26fb0c3076ac8e5b6fcf4d3537e8d4a5249e4bec6d56664582