secure.campaigner.com Open in urlscan Pro
216.24.224.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Submission: On February 05 via api (February 5th 2020, 6:59:39 pm UTC) from US

Summary HTTP 21 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 21 HTTP transactions. The main IP is 216.24.224.42, located in Ottawa, Canada and belongs to ETOLL1, CA. The main domain is secure.campaigner.com.

This is the only time secure.campaigner.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	216.24.224.42 216.24.224.42	17358 (ETOLL1) (ETOLL1)
4	198.71.233.109 198.71.233.109	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
11 11	70.37.54.108 70.37.54.108	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	143.204.214.100 143.204.214.100	16509 (AMAZON-02) (AMAZON-02)
1	143.204.214.67 143.204.214.67	16509 (AMAZON-02) (AMAZON-02)
1	52.216.171.107 52.216.171.107	16509 (AMAZON-02) (AMAZON-02)
1	8.224.216.245 8.224.216.245	3356 (LEVEL3) (LEVEL3)
1	216.24.224.100 216.24.224.100	17358 (ETOLL1) (ETOLL1)
21	7

3 216.24.224.42 (Ottawa, Canada)

ASN17358 (ETOLL1, CA)
PTR: secure.campaigner.com

secure.campaigner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.71.233.109 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-198-71-233-109.ip.secureserver.net

partiallypolitics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 70.37.54.108 (San Antonio, United States) 11 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

stripe.rs-2099-a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 143.204.214.100 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-100.fra53.r.cloudfront.net

images-prod.powerinboxedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-67.fra53.r.cloudfront.net

branding.revenuestripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.171.107 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

banyanhill.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.224.216.245 (United States)

ASN3356 (LEVEL3, US)

g.dmsgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.24.224.100 (Ottawa, Canada)

ASN17358 (ETOLL1, CA)
PTR: click.skem1.com

trk.cp20.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	rs-2099-a.com 11 redirects stripe.rs-2099-a.com	5 KB
10	powerinboxedge.com images-prod.powerinboxedge.com	831 KB
4	partiallypolitics.com partiallypolitics.com	105 KB
3	campaigner.com secure.campaigner.com	15 KB
1	cp20.com trk.cp20.com	249 B
1	dmsgs.com g.dmsgs.com	13 KB
1	amazonaws.com banyanhill.s3.amazonaws.com	46 KB
1	revenuestripe.com branding.revenuestripe.com	2 KB
21	8

	Domain	Requested by
11	stripe.rs-2099-a.com	11 redirects
10	images-prod.powerinboxedge.com	secure.campaigner.com
4	partiallypolitics.com	secure.campaigner.com
3	secure.campaigner.com	secure.campaigner.com
1	trk.cp20.com	secure.campaigner.com
1	g.dmsgs.com	secure.campaigner.com
1	banyanhill.s3.amazonaws.com	secure.campaigner.com
1	branding.revenuestripe.com	secure.campaigner.com
21	8

This site contains links to these domains. Also see Links.

Domain
trk.cp20.com

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Frame ID: 9DE96A88334CEA821497EAC6984B3524
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

21
Requests

0 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

1012 kB
Transfer

1076 kB
Size

1
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0v9-d3phdr58/

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0va-d3phdr58/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vb-d3phdr59/

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vc-d3phdr50/
Title: More

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vd-d3phdr51/

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0ve-d3phdr52/
Title: More

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vf-d3phdr53/
Title: We Say Goodbye To Clint Eastwood...

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vg-d3phdr54/
Title: New Energy Stock that is Set To Explode!

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vh-d3phdr55/
Title: Identity of whistleblower is already widely known

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vi-d3phdr56/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vj-d3phdr57/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vk-d3phdr58/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vl-d3phdr59/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vm-d3phdr50/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vn-d3phdr51/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vo-d3phdr52/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vp-d3phdr53/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vq-d3phdr54/

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vr-d3phdr55/

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vs-d3phdr56/pmregylnobqwsz3ofzewiir2ei2dcmrsha4tqnjcfqreg33oorqwg5boivwwc2lmei5ceytbnrqw4zdznnaho2ltmmxgkzdvej6q%3D%3D%3D%3D

Search URL Search Domain Scan URL

URL: http://trk.cp20.com/click/g8ff-1qrn0v-lzv0vt-d3phdr57/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16127&cs_sendid=41228985&cs_offset=0&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/2816/593178

Request Chain 5

http://stripe.rs-2099-a.com/branding/recommend/short.png HTTP 301
http://branding.revenuestripe.com/recommend/short.png

Request Chain 9

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=0&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/521344

Request Chain 10

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=1&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/549449

Request Chain 11

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=2&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/524391

Request Chain 12

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=3&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/593167

Request Chain 13

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=4&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/593231

Request Chain 14

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=5&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/591840

Request Chain 15

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=6&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/589731

Request Chain 16

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=7&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/3904/590509

Request Chain 18

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=117104&cs_sendid=41228985&cs_offset=0&cs_esp=dms HTTP 303
http://images-prod.powerinboxedge.com/v3/images/0/561651

21 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set g8ff-1qrn0v--ojohl-d3phdr52 Show response
secure.campaigner.com/csb/Public/show/ 57 KB
9 KB 595ms
582ms Document
text/html 216.24.224.42
ETOLL1

General

Check archive.org

Show headers Download Go to

Full URL

http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

216.24.224.42 Ottawa, Canada, ASN17358 (ETOLL1, CA),

Reverse DNS

secure.campaigner.com

Software

Resource Hash

ae5405ba571816862b77c835256e3c26994963b43f84e73c36e9a408773a0450

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
X-Content-Security-Policy	frame-ancestors *
X-Frame-Options	SAMEORIGIN

Request headers

Host: secure.campaigner.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server
Set-Cookie: .ASPXANONYMOUS=A0fkNugS1gEkAAAAOWY2ZTM2ZDQtNGM1YS00MTUwLWI0ZTUtNmQwMzUwMTcxZmJiZVrD1haa_IG6b2djdWfBI1RyEaY1; expires=Wed, 15-Apr-2020 05:39:21 GMT; path=/; HttpOnly ASP.NET_SessionId=q4rz3k4bbvh3102egwpavvfd; path=/; secure; HttpOnly
X-AspNet-Version
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors *
X-Content-Security-Policy: frame-ancestors *
Access-Control-Allow-Origin: *
X-TEST-OUTPUT: ECM= ORIGIN= referer=
Date: Wed, 05 Feb 2020 18:59:21 GMT
Content-Length: 8121

GET
H/1.1 200
OK ComboBox.campFormCombo.css
secure.campaigner.com/csb/App_Themes/Lightning/ 5 KB
1 KB 212ms
199ms Stylesheet
text/css 216.24.224.42
ETOLL1

General

Check archive.org

Show headers Download Go to

Full URL

http://secure.campaigner.com/csb/App_Themes/Lightning/ComboBox.campFormCombo.css

Requested by

Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

216.24.224.42 Ottawa, Canada, ASN17358 (ETOLL1, CA),

Reverse DNS

secure.campaigner.com

Software

Resource Hash

3e8f432938bb68e2d2ee6cfb81dae2885267c58b1abc04f663266eb0ee028d5b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
X-Content-Security-Policy	frame-ancestors *
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-TEST-OUTPUT: ECM= ORIGIN= http://secure.campaigner.com referer= http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Content-Security-Policy: frame-ancestors *
Content-Encoding: gzip
Last-Modified: Mon, 27 Jan 2020 16:16:48 GMT
Server
X-ASPNET-VERSION
X-Frame-Options: SAMEORIGIN
ETag: "098d92c2dd5d51:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Date: Wed, 05 Feb 2020 18:59:21 GMT
Accept-Ranges: bytes
Content-Length: 928
X-Content-Security-Policy: frame-ancestors *

GET
H/1.1 200
OK fonticons.css
secure.campaigner.com/csb/App_Themes/Lightning/Common/ 23 KB
5 KB 210ms
198ms Stylesheet
text/css 216.24.224.42
ETOLL1

General

Check archive.org

Show headers Download Go to

Full URL

http://secure.campaigner.com/csb/App_Themes/Lightning/Common/fonticons.css

Requested by

Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

216.24.224.42 Ottawa, Canada, ASN17358 (ETOLL1, CA),

Reverse DNS

secure.campaigner.com

Software

Resource Hash

7298ac333bec1e6e6cdbccfb3688f900510770ec58fa83db582430c624e3b609

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *
X-Content-Security-Policy	frame-ancestors *
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

X-TEST-OUTPUT: ECM= ORIGIN= http://secure.campaigner.com referer= http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Content-Security-Policy: frame-ancestors *
Content-Encoding: gzip
Last-Modified: Mon, 27 Jan 2020 16:16:48 GMT
Server
X-ASPNET-VERSION
X-Frame-Options: SAMEORIGIN
ETag: "098d92c2dd5d51:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=3600
Date: Wed, 05 Feb 2020 18:59:21 GMT
Accept-Ranges: bytes
Content-Length: 4196
X-Content-Security-Policy: frame-ancestors *

GET
H/1.1 200
OK spacer.gif
partiallypolitics.com/wp-content/uploads/2018/08/ 1 KB
1 KB 220ms
189ms Image
image/gif 198.71.233.109
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://partiallypolitics.com/wp-content/uploads/2018/08/spacer.gif

Requested by

Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-109.ip.secureserver.net

Software

Resource Hash

843630b029a0f48dbad89b365e9b1b90fe8c19b3586d2f43090b95814d91751b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Aug 2018 19:21:55 GMT
X-Backend: all_requests
Age: 100369
ETag: "447-573058a3f7ac0"
X-Cacheable: YES
X-Cache: cached
Content-Type: image/gif
X-Cache-Hit: HIT
Date: Wed, 05 Feb 2020 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 1095
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK emailbannernew-1.jpg
partiallypolitics.com/wp-content/uploads/2018/08/ 51 KB
51 KB 222ms
191ms Image
image/jpeg 198.71.233.109
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://partiallypolitics.com/wp-content/uploads/2018/08/emailbannernew-1.jpg

Requested by

Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-109.ip.secureserver.net

Software

Resource Hash

2356dce9b1378ae5e81d1f447a653affc7cdff127dd87a3fe64c0b707d5a4779

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Aug 2018 19:18:51 GMT
X-Backend: all_requests
Age: 98439
ETag: "cafa-573057f47dcc0"
X-Cacheable: YES
X-Cache: cached
Content-Type: image/jpeg
X-Cache-Hit: HIT
Date: Wed, 05 Feb 2020 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 51962
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

593178
images-prod.powerinboxedge.com/v3/images/2816/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16127&cs_sendid=41228985&cs_offset=0&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/2816/593178

48 KB
49 KB

92ms
33ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/2816/593178
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9b33a0f121b6bcbe07ef6677977226b960aa6270a37c2de9187766d22fc64e7

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:56:48 GMT
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
Last-Modified: Tue, 14 Jan 2020 16:57:30 GMT
Server: AmazonS3
Age: 155
ETag: "e7fb17ed614f54fe6be37c2b7c16560f"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 49595
X-Amz-Cf-Id: alhvqs2ibkrGyP55OpPU2YaFu_OvgfzPxbTgml86aRclD6EOsJsyIw==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:21 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/2816/593178
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

short.png
branding.revenuestripe.com/recommend/
Redirect Chain

http://stripe.rs-2099-a.com/branding/recommend/short.png
http://branding.revenuestripe.com/recommend/short.png

1 KB
2 KB

55ms
30ms

Image
image/png

143.204.214.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://branding.revenuestripe.com/recommend/short.png
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-67.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 19 Jun 2019 11:03:50 GMT
Via: 1.1 18e87eada05046c231b7f49230fa6dc4.cloudfront.net (CloudFront)
Last-Modified: Wed, 12 Aug 2015 16:56:24 GMT
Server: AmazonS3
Age: 1842774
ETag: "b21b189748ab85533f7859fc43cc8806"
X-Cache: Hit from cloudfront
Content-Type: image/png
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1389
X-Amz-Cf-Id: fMjDB-PWZWHw7lU5QgkK5PzKWRlGUCXsPqUi_nSobWs6ut83GImfUQ==

Redirect headers

Date: Wed, 05 Feb 2020 18:59:22 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: http://branding.revenuestripe.com/recommend/short.png
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Length: 0
Request-Context: appId=cid-v1:b1915e72-e266-47bd-9574-958ec8610746

GET
H/1.1 200
OK PRL_GEO_DED_US1.jpg
banyanhill.s3.amazonaws.com/DEDs/2017/ 46 KB
46 KB 276ms
252ms Image
image/jpeg 52.216.171.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://banyanhill.s3.amazonaws.com/DEDs/2017/PRL_GEO_DED_US1.jpg
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 52.216.171.107 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 49b7b7422e220a9803ce72e83d76c777051580059dd608b78aa63d42e675a26e

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:59:23 GMT
Last-Modified: Wed, 01 Mar 2017 17:19:42 GMT
Server: AmazonS3
x-amz-request-id: 7382BE9A31D1364D
ETag: "aeaab43fcabea704da49171e31244b4d"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 47124
x-amz-id-2: NJxrQARLmHUBsC4XBrcJ1eGqxrYa5RjJdK9kZru4qWggG54SSQHxliTgmaEdCceRVRvGdVhgInA=
x-amz-meta-s3b-last-modified: 20170301T171859Z

GET
H/1.1 200
OK line3.jpg
g.dmsgs.com/bmr/ 13 KB
13 KB 743ms
410ms Image
image/jpeg 8.224.216.245
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://g.dmsgs.com/bmr/line3.jpg
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 8.224.216.245 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.7a PHP/5.3.0 /
Resource Hash: 967f2ff087e4c912a6f46dab9bb217019061cb78762042475703ea7e257acc40

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:59:36 GMT
Last-Modified: Mon, 14 Aug 2017 20:08:05 GMT
Server: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.7a PHP/5.3.0
ETag: "13a863a-324c-556bc3885dc2c"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 12876

GET
H/1.1 200
OK sep1.jpg
partiallypolitics.com/wp-content/uploads/2018/08/ 25 KB
25 KB 215ms
202ms Image
image/jpeg 198.71.233.109
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://partiallypolitics.com/wp-content/uploads/2018/08/sep1.jpg

Requested by

Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-109.ip.secureserver.net

Software

Resource Hash

95cc4795236fab4fd79c8f2adfe704397fc7d0a01510c99b51702ef3e32ad43f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Aug 2018 19:47:39 GMT
X-Backend: all_requests
Age: 103172
ETag: "6451-57305e6470cc0"
X-Cacheable: YES
X-Cache: cached
Content-Type: image/jpeg
X-Cache-Hit: HIT
Date: Wed, 05 Feb 2020 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 25681
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

521344
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=0&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/521344

531 KB
532 KB

48ms
35ms

Image
image/gif

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/521344
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d3c775ecffa38301f1fdc1c8d509cacac8b981be7ffc5f060d1fd1368c8827f4

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 16:32:24 GMT
Via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Last-Modified: Wed, 11 Sep 2019 03:36:40 GMT
Server: AmazonS3
Age: 8819
ETag: "7901cc7728699dc445c2bc8de7929c9f"
X-Cache: Hit from cloudfront
Content-Type: image/gif
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 544117
X-Amz-Cf-Id: FIS7pAtD2dzRojty46XkvAt5gTNM4noIhvuhHJDJfBeCDVrVGLhx4Q==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:22 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/521344
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

549449
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=1&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/549449

24 KB
24 KB

42ms
28ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/549449
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f840673ee5bb745d70d55976d6b1748f6c376afbebc11fc428d656081755fca0

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:44:19 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Last-Modified: Mon, 11 Nov 2019 19:05:01 GMT
Server: AmazonS3
Age: 904
ETag: "7ae197f208cf934bc48ebfc59da1e970"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24368
X-Amz-Cf-Id: dR24IIazAQ6OcKQ_Sjr-PfDlj5g1pf99vgk07lzKrIYnix7kuGdO5Q==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:21 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/549449
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

524391
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=2&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/524391

22 KB
22 KB

155ms
141ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/524391
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 14926e95f9d99cf5a4dc78843c045d36ce128e862156448bf30784e8f4eb884e

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:59:23 GMT
Via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Last-Modified: Wed, 11 Sep 2019 03:51:21 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "80d87b5c18597aac5e5b4dd8d1838219"
X-Cache: Miss from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22172
X-Amz-Cf-Id: wX0bOTb-96BAB596ONZ5TGm8LtX5XVna5nI4IVhJQ3t0O_DIAhr2ag==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:22 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/524391
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

593167
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=3&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/593167

22 KB
23 KB

22ms
21ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/593167
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbb3f233a7e684747947c6568612e21d90b2abaf9fa3a118921b29c7f5e901ea

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:44:19 GMT
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
Last-Modified: Tue, 14 Jan 2020 16:57:33 GMT
Server: AmazonS3
Age: 904
ETag: "9f2e716ed1f5eb646f4ec2125f83e09b"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22951
X-Amz-Cf-Id: t-IY0LLF8CptyFUziplVh_wRfC8SRUAS6YnYK3kvo9d2W13mzcbemw==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:21 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/593167
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

593231
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=4&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/593231

26 KB
27 KB

227ms
226ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/593231
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bae4c758b4371f25244034d428da7fa5eb27f4f1b75ddcba45ee99659ae31a01

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 16:32:58 GMT
Via: 1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
Last-Modified: Tue, 14 Jan 2020 18:46:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "6117aa2b15e0a03c5c85becac18fef84"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26698
X-Amz-Cf-Id: EyMWzEHt3k3NKTaJVZR0rUKoYnw-k9j227a_rgnJNT7d3vYnTQUaqA==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:22 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/593231
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

591840
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=5&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/591840

24 KB
25 KB

138ms
137ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/591840
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fcdc1dbfaa6a720755d23f969a5ace2c11ff3858f383f6b15138d72481985428

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:59:23 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a7.cloudfront.net (CloudFront)
Last-Modified: Thu, 09 Jan 2020 23:55:34 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "c8cba6926602bdb107fc48b064a0d2a7"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24924
X-Amz-Cf-Id: x9Y0IFTE0dHXsThZXJKOxHOFHVjsgsox-97NcNcxlwXjwMWha48fkA==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:21 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/591840
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

589731
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=6&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/589731

22 KB
22 KB

146ms
133ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/589731
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3286f62a1b670757708bb448ea332c3b61dd37ffb7534484f231807ad3d2dc56

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:59:23 GMT
Via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
Last-Modified: Tue, 31 Dec 2019 23:19:56 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "a1c0149c766b83a2cf04fc7f3fb1e993"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 22524
X-Amz-Cf-Id: 4Rm2McOYSy5yA5yvcqjdBfRb352MEgQORI4FIoe83OyrqggdSE59gw==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:22 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/589731
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1

200
OK

590509
images-prod.powerinboxedge.com/v3/images/3904/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=16126&cs_sendid=41228985&cs_offset=7&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/3904/590509

21 KB
22 KB

265ms
253ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/3904/590509
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9267e3baf3bad5ef49081ead63a8209dd9f8140cc12c488141850be90861c68

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:59:23 GMT
Via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
Last-Modified: Sat, 04 Jan 2020 00:00:24 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
ETag: "1e842137e1ea01b54baac01df398af88"
X-Cache: Miss from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21987
X-Amz-Cf-Id: zw9L6Gk6R9KUFbHMfpvTpth0TsRFVUYP90QR45HEm5FOxBMuLr57xQ==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:21 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/3904/590509
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1 200
OK emailbottom2.jpg
partiallypolitics.com/wp-content/uploads/2018/08/ 27 KB
27 KB 103ms
103ms Image
image/jpeg 198.71.233.109
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://partiallypolitics.com/wp-content/uploads/2018/08/emailbottom2.jpg

Requested by

Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52

Protocol

HTTP/1.1

Server

198.71.233.109 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),

Reverse DNS

ip-198-71-233-109.ip.secureserver.net

Software

Resource Hash

d96fa693f4649530b8fce694e0b8ffd09688a1566321d19909a10e1ab07abc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Strict-Transport-Security: max-age=300
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Aug 2018 19:25:51 GMT
X-Backend: all_requests
Age: 98439
ETag: "6aed-5730598508dc0"
X-Cacheable: YES
X-Cache: cached
Content-Type: image/jpeg
X-Cache-Hit: HIT
Date: Wed, 05 Feb 2020 18:59:22 GMT
Accept-Ranges: bytes
Content-Length: 27373
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

561651
images-prod.powerinboxedge.com/v3/images/0/
Redirect Chain

http://stripe.rs-2099-a.com/stripe/image?cs_email=balandyk@wisc.edu&cs_stripeid=117104&cs_sendid=41228985&cs_offset=0&cs_esp=dms
http://images-prod.powerinboxedge.com/v3/images/0/561651

85 KB
85 KB

21ms
20ms

Image
image/png

143.204.214.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://images-prod.powerinboxedge.com/v3/images/0/561651
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 143.204.214.100 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-100.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0f09593e3a1dcba2719c42e99fa5466863541af6a91ec8d268b52ac2f6a037e

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Wed, 05 Feb 2020 18:05:47 GMT
Via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
Last-Modified: Fri, 04 Oct 2019 18:52:02 GMT
Server: AmazonS3
Age: 3216
ETag: "dd965cea8847d8f703b265604bb04ea7"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: public, max-age=3600
X-Amz-Cf-Pop: FRA53-C1
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86664
X-Amz-Cf-Id: 1U2WeNrGiRjB2qTVnUoLfZID70l7-chOHVSK1dBpU4YMEhBFOW0ftA==

Redirect headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:22 GMT
X-AspNetMvc-Version: 5.2, 5.2
Server: Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Location: http://images-prod.powerinboxedge.com/v3/images/0/561651
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Expires: -1
Content-Length: 0
Request-Context: appId=cid-v1:c81c81d8-6bb4-4302-9533-f40a26ff4bff

GET
H/1.1 200
OK img.gif
trk.cp20.com/open/g8ff-1qrn0v--d3phdr57/ 77 B
249 B 245ms
231ms Image
image/gif 216.24.224.100
ETOLL1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://trk.cp20.com/open/g8ff-1qrn0v--d3phdr57/img.gif
Requested by: Host: secure.campaigner.com
URL: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
Protocol: HTTP/1.1
Server: 216.24.224.100 Ottawa, Canada, ASN17358 (ETOLL1, CA),
Reverse DNS: click.skem1.com
Software: WEB03 /
Resource Hash: e59300e0e5efc6b23adc117f9c8d9ddbd2981773a1c49226c7e427df583691f1

Request headers

Referer: http://secure.campaigner.com/csb/Public/show/g8ff-1qrn0v--ojohl-d3phdr52
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 05 Feb 2020 18:59:22 GMT
Cache-Control: no-cache
Server: WEB03
Content-Type: image/gif
Content-Length: 77
Expires: -1

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			secure.campaigner.com/	1970-01-19 08:48:49	Name: .ASPXANONYMOUS Value: A0fkNugS1gEkAAAAOWY2ZTM2ZDQtNGM1YS00MTUwLWI0ZTUtNmQwMzUwMTcxZmJiZVrD1haa_IG6b2djdWfBI1RyEaY1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors *
X-Content-Security-Policy	frame-ancestors *
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

banyanhill.s3.amazonaws.com
branding.revenuestripe.com
g.dmsgs.com
images-prod.powerinboxedge.com
partiallypolitics.com
secure.campaigner.com
stripe.rs-2099-a.com
trk.cp20.com
143.204.214.100
143.204.214.67
198.71.233.109
216.24.224.100
216.24.224.42
52.216.171.107
70.37.54.108
8.224.216.245
14926e95f9d99cf5a4dc78843c045d36ce128e862156448bf30784e8f4eb884e
2356dce9b1378ae5e81d1f447a653affc7cdff127dd87a3fe64c0b707d5a4779
3286f62a1b670757708bb448ea332c3b61dd37ffb7534484f231807ad3d2dc56
3e8f432938bb68e2d2ee6cfb81dae2885267c58b1abc04f663266eb0ee028d5b
49b7b7422e220a9803ce72e83d76c777051580059dd608b78aa63d42e675a26e
7298ac333bec1e6e6cdbccfb3688f900510770ec58fa83db582430c624e3b609
843630b029a0f48dbad89b365e9b1b90fe8c19b3586d2f43090b95814d91751b
95cc4795236fab4fd79c8f2adfe704397fc7d0a01510c99b51702ef3e32ad43f
967f2ff087e4c912a6f46dab9bb217019061cb78762042475703ea7e257acc40
ae5405ba571816862b77c835256e3c26994963b43f84e73c36e9a408773a0450
bae4c758b4371f25244034d428da7fa5eb27f4f1b75ddcba45ee99659ae31a01
c9b33a0f121b6bcbe07ef6677977226b960aa6270a37c2de9187766d22fc64e7
cbb3f233a7e684747947c6568612e21d90b2abaf9fa3a118921b29c7f5e901ea
d3c775ecffa38301f1fdc1c8d509cacac8b981be7ffc5f060d1fd1368c8827f4
d96fa693f4649530b8fce694e0b8ffd09688a1566321d19909a10e1ab07abc56
d97e98ad8364d255edf3b02e6c62a5484ee46a76e95806ac284b8f72d47935f1
e59300e0e5efc6b23adc117f9c8d9ddbd2981773a1c49226c7e427df583691f1
f0f09593e3a1dcba2719c42e99fa5466863541af6a91ec8d268b52ac2f6a037e
f840673ee5bb745d70d55976d6b1748f6c376afbebc11fc428d656081755fca0
f9267e3baf3bad5ef49081ead63a8209dd9f8140cc12c488141850be90861c68
fcdc1dbfaa6a720755d23f969a5ace2c11ff3858f383f6b15138d72481985428

secure.campaigner.com Open in urlscan Pro 216.24.224.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

21 Requests

0 %HTTPS

0 %IPv6

8 Domains

8 Subdomains

7 IPs

2 Countries

1012 kBTransfer

1076 kBSize

1 Cookies

21 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

secure.campaigner.com Open in urlscan Pro
216.24.224.42 Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

0 %
HTTPS

0 %
IPv6

8
Domains

8
Subdomains

7
IPs

2
Countries

1012 kB
Transfer

1076 kB
Size

1
Cookies

21 HTTP transactions
0 data transactions