join.theintercept.com Open in urlscan Pro
54.241.155.11 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://join.theintercept.com/
Effective URL:
https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Submission: On November 19 via api (November 19th 2023, 10:26:03 am UTC) from AU — Scanned from AU

Summary HTTP 46 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 46 HTTP transactions. The main IP is 54.241.155.11, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is join.theintercept.com.
TLS certificate: Issued by R3 on November 7th 2023. Valid for: 3 months.

This is the only time join.theintercept.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	54.241.155.11 54.241.155.11	16509 (AMAZON-02) (AMAZON-02)
1	172.217.167.74 172.217.167.74	15169 (GOOGLE) (GOOGLE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.66.234 142.250.66.234	15169 (GOOGLE) (GOOGLE)
2	13.224.181.12 13.224.181.12	16509 (AMAZON-02) (AMAZON-02)
1 9	192.229.232.89 192.229.232.89	15133 (EDGECAST) (EDGECAST)
2	172.217.24.40 172.217.24.40	15169 (GOOGLE) (GOOGLE)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
2	172.217.24.46 172.217.24.46	15169 (GOOGLE) (GOOGLE)
8	13.55.196.179 13.55.196.179	16509 (AMAZON-02) (AMAZON-02)
5	151.101.129.21 151.101.129.21	54113 (FASTLY) (FASTLY)
1	35.81.31.24 35.81.31.24	16509 (AMAZON-02) (AMAZON-02)
1 2	64.4.245.7 64.4.245.7	17012 (PAYPAL) (PAYPAL)
46	14

5 54.241.155.11 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-241-155-11.us-west-1.compute.amazonaws.com

join.theintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.167.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.181.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-12.syd1.r.cloudfront.net

static.theintercept.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.229.232.89 (Marlborough, United States) 1 redirects

ASN15133 (EDGECAST, US)

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.24.40 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.24.46 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.55.196.179 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.129.21 (United States)

ASN54113 (FASTLY, US)

c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.31.24 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-31-24.us-west-2.compute.amazonaws.com

ssl.kaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.7 (United States) 1 redirects

ASN17012 (PAYPAL, US)

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hnd.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	braintreegateway.com 1 redirects js.braintreegateway.com — Cisco Umbrella Rank: 9477 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8897 assets.braintreegateway.com — Cisco Umbrella Rank: 17170	163 KB
7	paypal.com 1 redirects c.paypal.com — Cisco Umbrella Rank: 7837 b.stats.paypal.com — Cisco Umbrella Rank: 6268 hnd.stats.paypal.com — Cisco Umbrella Rank: 118484 c6.paypal.com Failed	47 KB
7	theintercept.com join.theintercept.com static.theintercept.com — Cisco Umbrella Rank: 359037	356 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	312 B
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9569	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	161 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	18 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	35 KB
1	kaptcha.com ssl.kaptcha.com — Cisco Umbrella Rank: 8876	366 B
46	9

	Domain	Requested by
8	client-analytics.braintreegateway.com	join.theintercept.com assets.braintreegateway.com
5	c.paypal.com	js.braintreegateway.com c.paypal.com
5	js.braintreegateway.com	join.theintercept.com
5	join.theintercept.com	join.theintercept.com
4	assets.braintreegateway.com	1 redirects js.braintreegateway.com
2	www.google-analytics.com	www.googletagmanager.com
2	payments.braintree-api.com	join.theintercept.com
2	www.googletagmanager.com	join.theintercept.com www.googletagmanager.com
2	static.theintercept.com	join.theintercept.com static.theintercept.com
2	cdnjs.cloudflare.com	join.theintercept.com
1	hnd.stats.paypal.com
1	b.stats.paypal.com	1 redirects
1	ssl.kaptcha.com	js.braintreegateway.com
1	ajax.googleapis.com	join.theintercept.com
1	fonts.googleapis.com	join.theintercept.com
0	c6.paypal.com Failed
46	16

This site contains links to these domains. Also see Links.

Domain
theintercept.com

Subject Issuer	Validity	Valid
act.weareultraviolet.org R3	`2023-11-07` - `2024-02-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
static.theintercept.com Amazon RSA 2048 M02	`2023-06-28` - `2024-07-26`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2023-02-24` - `2024-03-26`	a year	crt.sh
ssl.kaptcha.com Sectigo RSA Organization Validation Secure Server CA	`2023-08-16` - `2024-08-15`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Frame ID: BA744B766145151C7D8505CC5A493406
Requests: 29 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html
Frame ID: FAB875F3F5719EF8FFD24B4223EA34D8
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html
Frame ID: 71C16A9FDF990E192494B7D936C08CC3
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html
Frame ID: AC0086BCBDB71CED79067F24E37B6CF8
Requests: 1 HTTP requests in this frame

Frame: https://ssl.kaptcha.com/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc
Frame ID: 4EA987994C50F68A84AC5487B344BE8F
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: D86F4B66D913F07A3BC33BA0FA021C8E
Requests: 5 HTTP requests in this frame

Frame: https://hnd.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14
Frame ID: A76E04A1D4A909EAA9FEC5F2DD2D74A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate | The Intercept

Page URL History Show full URLs

https://join.theintercept.com/ Page URL
https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Page URL

Detected technologies

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

46
Requests

85 %
HTTPS

0 %
IPv6

9
Domains

16
Subdomains

14
IPs

3
Countries

781 kB
Transfer

2251 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://theintercept.com/

Search URL Search Domain Scan URL

URL: https://theintercept.com/terms-use/
Title: TERMS OF USE

Search URL Search Domain Scan URL

URL: https://theintercept.com/donor-privacy/
Title: DONOR PRIVACY

Search URL Search Domain Scan URL

URL: https://theintercept.com/donor-faq/
Title: DONOR FAQ

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://join.theintercept.com/ Page URL
https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

https://assets.braintreegateway.com/data/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc HTTP 301
https://ssl.kaptcha.com/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc

Request Chain 39

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14 HTTP 302
https://hnd.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14

46 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 /
join.theintercept.com/ 3 KB
1001 B 496ms
163ms Document
text/html 54.241.155.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.155.11 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-155-11.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Nov 2023 10:25:59 GMT
server: openresty
vary: Accept-Encoding Cookie, Origin

GET
H2 200 Primary Request now Show response
join.theintercept.com/donate/ 658 KB
215 KB 758ms
758ms Document
text/html 54.241.155.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.155.11 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-155-11.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 12d9bd40f25c150b654bfe86701f9af5365fab250e20b6520ebc40a3110d01c7

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 19 Nov 2023 10:25:59 GMT
server: openresty
vary: Accept-Encoding Cookie, Origin

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 208ms
98ms Stylesheet
text/css 172.217.167.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:100,300,400,600,700

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f10.1e100.net

Software

ESF /

Resource Hash

575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 19 Nov 2023 10:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 09:26:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 19 Nov 2023 10:26:00 GMT

GET
H2 200 select2.min.css
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/ 15 KB
2 KB 26ms
17ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/css/select2.min.css

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 838710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1640
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-3bab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P09EMiE24IXof6MxgmnIDvSpVZFcrrEBZ8nWaSiK4UaSX46vPC7I51fz%2F9kCVHY7F%2BQOXD9LuRle7sqeyubvuI%2BcbJB8JlPWA0E2Ij%2FrHQHrNfwjkM%2BLOh7Htd9eFAyOSTS50N3n"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8287c09dda2aa801-SYD
expires: Fri, 08 Nov 2024 10:25:59 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 91 KB
33 KB 112ms
3ms Script
text/javascript 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

sffe /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 21:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33593
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 13 Nov 2024 21:34:30 GMT

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/ 66 KB
16 KB 23ms
14ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.6-rc.0/js/select2.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:25:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 838709
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 15961
last-modified: Mon, 04 May 2020 16:16:11 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fcb-108a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lUz23rWncIYKU89FnwUftZ8TEABulWvEIemJfFIlvW%2FE8I5HM0fcL2CZSe13kLx2OAvP3oJh0qbtjfNPmyqsaYWsNyZ4YbclCKA7UUwN%2FOLOPZsZfPPOEKqEfbOhs94XvGoidSb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8287c09dda2ca801-SYD
expires: Fri, 08 Nov 2024 10:25:59 GMT

GET
H2 200 actionkit.js Show response
join.theintercept.com/resources/ 98 KB
36 KB 294ms
294ms Script
application/javascript 54.241.155.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/resources/actionkit.js
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.155.11 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-155-11.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 531c8e98e6cf7f42627d226e3644a39dddda7ae836544d5a4079c578237fccb1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:26:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2023 22:35:46 GMT
server: openresty
etag: W/"655547c2-1898c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 ti-v1.css
static.theintercept.com/ti.js/ 39 KB
40 KB 437ms
3ms Stylesheet
text/css 13.224.181.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.theintercept.com/ti.js/ti-v1.css
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-12.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94cee049fa250188a625351cf53f0edeac22ec7d7c6d204f91ed91f9a5f67d7e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:28:35 GMT
via: 1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jul 2023 21:19:45 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C2
age: 3446
x-amz-server-side-encryption: AES256
etag: "90cffd50169e4fa8f9bf62b204328c76"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 40252
x-amz-cf-id: kfpnG92cepNibNgushLPIyncBMHckJpSM4h_nBAeek9HKSwSSJkiKQ==

GET
H2 200 ti-v1.js Show response
static.theintercept.com/ti.js/ 53 KB
54 KB 295ms
4ms Script
application/javascript 13.224.181.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.theintercept.com/ti.js/ti-v1.js
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.181.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-181-12.syd1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3da1518015f4be46b8ae1c159ecbb812f5eddc60f2c7a4abc7ac7f9eca72703e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 09:51:24 GMT
via: 1.1 c71e51961956d2c084f13451959744de.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jul 2023 21:19:45 GMT
server: AmazonS3
x-amz-cf-pop: SYD1-C2
age: 2077
x-amz-server-side-encryption: AES256
etag: "bfc7b3f8179c157df862cfc33f7b4f6c"
vary: Origin
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 54455
x-amz-cf-id: 7jW-02EYDhVwzIWR6KpAKLD3R_f4PzlnUty413VeBrshwf660Zxk-Q==

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 41 KB
12 KB 20ms
5ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/client.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E794) /

Resource Hash

0c7426dab3210a5bf3c4b4924bc678c0001f4765137ba482ac8fc07fb4f32001

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sun, 19 Nov 2023 10:26:00 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E794)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f26f-a4b4+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 12581
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 three-d-secure.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 58 KB
15 KB 20ms
5ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/three-d-secure.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E79A) /

Resource Hash

a68f878b0525f6d9ab5cad197a55bf60f8610e4bd0f9867dca3daaf25e99bdfb

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sun, 19 Nov 2023 10:26:00 GMT
last-modified: Wed, 15 Nov 2023 16:31:45 GMT
server: ECAcc (nwa/E79A)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f271-e92a+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 15539
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 hosted-fields.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 61 KB
17 KB 17ms
4ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7AF) /

Resource Hash

38e7c1f2b12b0503566f214cfcde7353ab180deab7a4ec39d539c0b4623bb761

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sun, 19 Nov 2023 10:26:00 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E7AF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f26f-f591+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17329
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 data-collector.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 31 KB
10 KB 20ms
7ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/data-collector.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7B0) /

Resource Hash

2f3793dd173f59b85a16571e416ccf588b2034dded889a21b1a1251a1ada52b8

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sun, 19 Nov 2023 10:26:00 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E7B0)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f26f-7bae+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 10532
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 us-bank-account.min.js Show response
js.braintreegateway.com/web/3.69.0/js/ 24 KB
7 KB 20ms
8ms Script
application/javascript 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.69.0/js/us-bank-account.min.js

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E7BF) /

Resource Hash

84b343633e2b0f92ed854df2f6c90c3b92c01f9e52f596e12abc4bbeec8afaac

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
date: Sun, 19 Nov 2023 10:26:00 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E7BF)
strict-transport-security: max-age=63072000; includeSubDomains; preload
etag: "6554f26f-5e10+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 7193
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 ak_braintree_vzero.js Show response
join.theintercept.com/resources/ 16 KB
4 KB 297ms
291ms Script
application/javascript 54.241.155.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/resources/ak_braintree_vzero.js
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.155.11 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-155-11.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:26:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Nov 2023 22:35:46 GMT
server: openresty
etag: W/"655547c2-4065"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
expires: Mon, 20 Nov 2023 10:26:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 184 KB
66 KB 522ms
120ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3FG883

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

ac44124457839c2cdcc0265016457fa593c230626c863c32fc913b84b8128fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:26:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67281
x-xss-protection: 0
last-modified: Sun, 19 Nov 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 19 Nov 2023 10:26:00 GMT

GET 4e0f70944bd0a2faaf07.woff
static.theintercept.com/ti.js/ 0
0

GET 0a375848f53f007cd85f.woff
static.theintercept.com/ti.js/ 0
0

GET 9893531b7abc7f6ee9c0.woff
static.theintercept.com/ti.js/ 0
0

GET edcbc2f6b7d791cb7e2c.woff
static.theintercept.com/ti.js/ 0
0

GET
H2 200 now Show response
join.theintercept.com/context/ 13 KB
6 KB 394ms
394ms Script
text/javascript 54.241.155.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://join.theintercept.com/context/now?callback=actionkit.forms.onContextLoaded&form_name=donate&required=email&required=country&r=0.11764367595547154&url=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join
Requested by: Host: join.theintercept.com
URL: https://join.theintercept.com/resources/actionkit.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.241.155.11 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-241-155-11.us-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 7a4203e8a73471c8e657863c71c1d02ccff8c9fcab203203fe806f13afd2e33f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:26:00 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding, Cookie, Origin
content-type: text/javascript

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 23ms
7ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://join.theintercept.com
access-control-max-age: 1800
date: Sun, 19 Nov 2023 10:26:01 GMT
paypal-debug-id: 41721678226d4
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 419ms
419ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

4fe4cb2d8cad641975705a617e48bf5ec41b41380daa6f97d38fadf256848da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://join.theintercept.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MDA0NzU5NTksImp0aSI6IjYwZGU0NWI3LWRhZmQtNGI3My1iN2M3LTIyNmJkNzNjYWEyZCIsInN1YiI6Imh0amhwcjR6YjRoM3Q4ankiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Imh0amhwcjR6YjRoM3Q4ankiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0Ijp0cnVlfSwicmlnaHRzIjpbIm1hbmFnZV92YXVsdCJdLCJzY29wZSI6WyJCcmFpbnRyZWU6VmF1bHQiXSwib3B0aW9ucyI6e319.yY7-8XmfG1ZsgvmLcIZCK3JPHGbSJtYtQcG20_8Kom_EeGu2AeFZ1t4lEU0SOV1kiBiBGyDB0pu_c1_lcnIfrA
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://join.theintercept.com
paypal-debug-id: 3d0e51b3a9444
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 933

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
95 KB 118ms
117ms Script
application/javascript 172.217.24.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-94T13D50WM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3FG883

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.40 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

7e09e5dd16ea65d71710078acbbffdb024e75c760bc1167ad28969b5b11a953e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:26:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 19 Nov 2023 10:26:01 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 507ms
101ms Ping
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-94T13D50WM&gtm=45je3b81v9102699625z89102470158&_p=1700389560428&gcd=11l1l1l1l1&dma=0&cid=173694001.1700389561&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1700389561&sct=1&seg=0&dl=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&dr=https%3A%2F%2Fjoin.theintercept.com%2F&dt=Donate%20%7C%20The%20Intercept&en=page_view&_fv=1&_nsi=1&_ss=1&ep.anonymizeIp=true&tfd=2271
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94T13D50WM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:26:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://join.theintercept.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 490ms
98ms Ping
text/plain 172.217.24.46
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-94T13D50WM&gtm=45je3b81v9102699625&_p=1700389560428&gcd=11l1l1l1l1&dma=0&cid=173694001.1700389561&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEA&_s=2&sid=1700389561&sct=1&seg=0&dl=https%3A%2F%2Fjoin.theintercept.com%2Fdonate%2Fnow%3Fsource%3Dweb_intercept_20201104_redirect_sub_join&dr=https%3A%2F%2Fjoin.theintercept.com%2F&dt=Donate%20%7C%20The%20Intercept&en=scroll&ep.anonymizeIp=true&epn.percent_scrolled=90&_et=6&tfd=2285
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-94T13D50WM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 10:26:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://join.theintercept.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 14ms
3ms Preflight 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 19 Nov 2023 10:26:01 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 15ms
4ms Preflight 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 19 Nov 2023 10:26:01 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ 0
356 B 7ms
6ms XHR
text/plain 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://join.theintercept.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Nov 2023 10:26:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ 0
356 B 6ms
5ms XHR
text/plain 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://join.theintercept.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Nov 2023 10:26:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 9ms
4ms Preflight 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://join.theintercept.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 19 Nov 2023 10:26:01 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ 0
356 B 7ms
5ms XHR
text/plain 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: join.theintercept.com
URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://join.theintercept.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Nov 2023 10:26:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://join.theintercept.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ 62 KB
22 KB 471ms
153ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/data-collector.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (laa/7B76) /

Resource Hash

6984ea6c3c74dcbc9ffd623a70d5e9fc08366f1548529f4ee315b72ec1942955

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 189260
date: Sun, 19 Nov 2023 10:26:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 886176
x-cache: HIT
paypal-debug-id: 89bf0212e2ac8
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21686
x-served-by: cache-bfi-krnt7300025-BFI
last-modified: Thu, 09 Nov 2023 03:53:28 GMT
server: ECAcc (laa/7B76)
traceparent: 00-000000000000000000089bf0212e2ac8-5694af2a38b4144a-01
x-timer: S1700389562.892816,VS0,VE1
etag: W/"654c57b8-f992"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:26:01 GMT

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.69.0/html/ Frame FAB8 123 KB
33 KB 19ms
14ms Document
text/html 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E79A) /

Resource Hash

3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: gzip
content-length: 33836
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sun, 19 Nov 2023 10:26:01 GMT
etag: "6554f26f-1ec25+gzip"
expires: Mon, 20 Nov 2023 10:26:01 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E79A)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.69.0/html/ Frame 71C1 123 KB
33 KB 18ms
13ms Document
text/html 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E79A) /

Resource Hash

3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: gzip
content-length: 33836
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sun, 19 Nov 2023 10:26:01 GMT
etag: "6554f26f-1ec25+gzip"
expires: Mon, 20 Nov 2023 10:26:01 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E79A)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.69.0/html/ Frame AC00 123 KB
33 KB 7ms
3ms Document
text/html 192.229.232.89
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/hosted-fields.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.232.89 Marlborough, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (nwa/E79A) /

Resource Hash

3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: gzip
content-length: 33836
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sun, 19 Nov 2023 10:26:01 GMT
etag: "6554f26f-1ec25+gzip"
expires: Mon, 20 Nov 2023 10:26:01 GMT
last-modified: Wed, 15 Nov 2023 16:31:43 GMT
server: ECAcc (nwa/E79A)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-cache: HIT

GET
H/1.1

200
OK

logo.htm Show response
ssl.kaptcha.com/ Frame 4EA9
Redirect Chain

https://assets.braintreegateway.com/data/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc
https://ssl.kaptcha.com/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc

41 B
366 B

556ms
163ms

Document
text/html

35.81.31.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.kaptcha.com/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.69.0/js/data-collector.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 35.81.31.24 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-31-24.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache no-store must-revalidate private
Content-Length: 41
Content-Type: text/html
Date: Sun, 19 Nov 2023 10:26:01 GMT
Expires: 0
Pragma: no-cache
X-Correlation-Id: 6c8270d8-1a37-471d-b40d-423061534d6d

Redirect headers

content-encoding: gzip
content-length: 20
date: Sun, 19 Nov 2023 10:26:01 GMT
location: https://ssl.kaptcha.com/logo.htm?m=null&s=71be579c9b15c9cba66dc49f74d63acc
server: ECAcc (nwa/E7B3)
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding

POST
H/1.1 200
OK htjhpr4zb4h3t8jy Show response
client-analytics.braintreegateway.com/ Frame FAB8 0
362 B 5ms
5ms XHR
text/plain 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Requested by

Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.69.0/html/hosted-fields-frame.min.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://assets.braintreegateway.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

Date: Sun, 19 Nov 2023 10:26:01 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK htjhpr4zb4h3t8jy
client-analytics.braintreegateway.com/ Frame 0
0 4ms
4ms Preflight 13.55.196.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/htjhpr4zb4h3t8jy

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.55.196.179 Sydney, Australia, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-55-196-179.ap-southeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.braintreegateway.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Sun, 19 Nov 2023 10:26:01 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame D86F 160 B
1 KB 212ms
212ms Document
text/html 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://join.theintercept.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: sec-ch-ua, sec-ch-ua-mobile, sec-ch-ua-full-version, sec-ch-ua-full-version-list, sec-ch-ua-platform, sec-ch-ua-platform-version, sec-ch-ua-arch, sec-ch-ua-wow64, sec-ch-ua-bitness, sec-ch-ua-model, sec-ch-ua-full
accept-ranges: none
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: 2e0965f0d60a4
date: Sun, 19 Nov 2023 10:26:02 GMT
origin-trial: A0A/uBW0ogQIica1KkPCeSOoHfvTATXdyRg8F/Ka8gjK4pCprEDwF3d3wTxNzSPn1ASb5ncpd46h7RQiSqGYpA8AAACMeyJvcmlnaW4iOiJodHRwczovL2MucGF5cGFsLmNvbTo0NDMiLCJmZWF0dXJlIjoiU2VuZEZ1bGxVc2VyQWdlbnRBZnRlclJlZHVjdGlvbiIsImV4cGlyeSI6MTY5NTUxMzU5OSwiaXNTdWJkb21haW4iOnRydWUsImlzVGhpcmRQYXJ0eSI6dHJ1ZX0=
paypal-debug-id: 2e0965f0d60a4
server-timing: "traceparent;desc="00-00000000000000000002e0965f0d60a4-7defaa68230d21cf-01"";content-encoding;desc="br",x-cdn;desc="fastly"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000002e0965f0d60a4-c216c2c97700357a-01
vary: Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-content-type-options: nosniff
x-served-by: cache-bur-kbur8200103-BUR, cache-bfi-krnt7300025-BFI
x-timer: S1700389562.116570,VS0,VE58
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
hnd.stats.paypal.com/ Frame A76E
Redirect Chain

https://b.stats.paypal.com/counter.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14
https://hnd.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14

42 B
299 B

340ms
111ms

Image
image/jpeg

64.4.245.7
PAYPAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hnd.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14
Protocol: HTTP/1.1
Server: 64.4.245.7 , United States, ASN17012 (PAYPAL, US),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://join.theintercept.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 10:26:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://hnd.stats.paypal.com/counter2.cgi?i=127.0.0.1&p=8faeb0661fd3b5905f69497911e39640&t=1700389561.505&a=14
Date: Sun, 19 Nov 2023 10:26:02 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame D86F 62 KB
22 KB 154ms
153ms Script
application/javascript 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

ECAcc (laa/7B76) /

Resource Hash

6984ea6c3c74dcbc9ffd623a70d5e9fc08366f1548529f4ee315b72ec1942955

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits: 189261
date: Sun, 19 Nov 2023 10:26:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
via: 1.1 varnish
age: 886176
x-cache: HIT
paypal-debug-id: 89bf0212e2ac8
server-timing: content-encoding;desc="gzip",x-cdn;desc="fastly"
dc: ccg11-origin-www-1.paypal.com
content-length: 21686
x-served-by: cache-bfi-krnt7300025-BFI
last-modified: Thu, 09 Nov 2023 03:53:28 GMT
server: ECAcc (laa/7B76)
traceparent: 00-000000000000000000089bf0212e2ac8-5694af2a38b4144a-01
x-timer: S1700389562.339495,VS0,VE1
etag: W/"654c57b8-f992"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate,max-age=86400
access-control-allow-credentials: false
access-control-max-age: 86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 20 Nov 2023 10:26:02 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame D86F 212 B
573 B 243ms
243ms XHR
application/json 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3060f658300123cf6f5e21c1ebaceff5763d5abb2fff86d74d5d1c4eafd619ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Nov 2023 10:26:02 GMT
via: 1.1 varnish, 1.1 varnish
disable-set-cookie: true
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: eda9561b66356
server-timing: "traceparent;desc="00-0000000000000000000eda9561b66356-721d56b38850478a-01"";content-encoding;desc="",x-cdn;desc="fastly"
content-length: 212
x-served-by: cache-bur-kbur8200151-BUR, cache-bfi-krnt7300025-BFI
correlation-id: eda9561b66356
traceparent: 00-0000000000000000000eda9561b66356-50052c31c3afdc98-01
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame D86F 0
427 B 233ms
233ms XHR
text/plain 151.101.129.21
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.21 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 19 Nov 2023 10:26:02 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-cache: MISS, MISS
paypal-debug-id: fdf5abd6e8493
server-timing: "traceparent;desc="00-0000000000000000000fdf5abd6e8493-099829dc138fb6fe-01"";content-encoding;desc="",x-cdn;desc="fastly"
x-served-by: cache-bur-kbur8200078-BUR, cache-bfi-krnt7300025-BFI
correlation-id: fdf5abd6e8493
traceparent: 00-0000000000000000000fdf5abd6e8493-06fccaf3b635c4a0-01
vary: Accept-Encoding
access-control-allow-origin: https://www.paypal.com
access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0, 0

GET p3
c6.paypal.com/v1/r/d/b/ Frame D86F 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/4e0f70944bd0a2faaf07.woff

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/0a375848f53f007cd85f.woff

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/9893531b7abc7f6ee9c0.woff

Domain: static.theintercept.com
URL: https://static.theintercept.com/ti.js/edcbc2f6b7d791cb7e2c.woff

Domain: c6.paypal.com
URL: https://c6.paypal.com/v1/r/d/b/p3?f=8faeb0661fd3b5905f69497911e39640&s=BRAINTREE_SIGNIN

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.theintercept.com/	1970-01-21 01:55:49	Name: _ga Value: GA1.1.173694001.1700389561
			.theintercept.com/	1970-01-21 01:55:49	Name: _ga_94T13D50WM Value: GS1.1.1700389561.1.0.1700389561.0.0.0

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/4e0f70944bd0a2faaf07.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/4e0f70944bd0a2faaf07.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/9893531b7abc7f6ee9c0.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/9893531b7abc7f6ee9c0.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/edcbc2f6b7d791cb7e2c.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/edcbc2f6b7d791cb7e2c.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://join.theintercept.com/donate/now?source=web_intercept_20201104_redirect_sub_join Message: Access to font at 'https://static.theintercept.com/ti.js/0a375848f53f007cd85f.woff' from origin 'https://join.theintercept.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://static.theintercept.com/ti.js/0a375848f53f007cd85f.woff Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets.braintreegateway.com
b.stats.paypal.com
c.paypal.com
c6.paypal.com
cdnjs.cloudflare.com
client-analytics.braintreegateway.com
fonts.googleapis.com
hnd.stats.paypal.com
join.theintercept.com
js.braintreegateway.com
payments.braintree-api.com
ssl.kaptcha.com
static.theintercept.com
www.google-analytics.com
www.googletagmanager.com
c6.paypal.com
static.theintercept.com
104.17.25.14
13.224.181.12
13.248.139.42
13.55.196.179
142.250.66.234
151.101.129.21
172.217.167.74
172.217.24.40
172.217.24.46
192.229.232.89
35.81.31.24
54.241.155.11
64.4.245.7
0c7426dab3210a5bf3c4b4924bc678c0001f4765137ba482ac8fc07fb4f32001
1100388fbf996eb7b0090bf027336657188a330191b295cc1a0b7b23a0008aab
12d9bd40f25c150b654bfe86701f9af5365fab250e20b6520ebc40a3110d01c7
1cd91b9dd3e258ce4421181a85cde15a2b860fa0adc0580c7c4534a37cde69ba
2f3793dd173f59b85a16571e416ccf588b2034dded889a21b1a1251a1ada52b8
3060f658300123cf6f5e21c1ebaceff5763d5abb2fff86d74d5d1c4eafd619ea
3599fbdd9e28340d8db2d380e4b37ec509828b0dde2a37a5785d2da96dd2f426
38e7c1f2b12b0503566f214cfcde7353ab180deab7a4ec39d539c0b4623bb761
3da1518015f4be46b8ae1c159ecbb812f5eddc60f2c7a4abc7ac7f9eca72703e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4fe4cb2d8cad641975705a617e48bf5ec41b41380daa6f97d38fadf256848da8
531c8e98e6cf7f42627d226e3644a39dddda7ae836544d5a4079c578237fccb1
575bbbf8b2076fd27f1020084ed48b141c1045ad0165c4154643bc1ae0476a65
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6984ea6c3c74dcbc9ffd623a70d5e9fc08366f1548529f4ee315b72ec1942955
7a4203e8a73471c8e657863c71c1d02ccff8c9fcab203203fe806f13afd2e33f
7e09e5dd16ea65d71710078acbbffdb024e75c760bc1167ad28969b5b11a953e
84b343633e2b0f92ed854df2f6c90c3b92c01f9e52f596e12abc4bbeec8afaac
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
94cee049fa250188a625351cf53f0edeac22ec7d7c6d204f91ed91f9a5f67d7e
a09179dd962df38a01440ce2e4748c37bd832fe1ac2f65ad974490a89d63d129
a68f878b0525f6d9ab5cad197a55bf60f8610e4bd0f9867dca3daaf25e99bdfb
ac44124457839c2cdcc0265016457fa593c230626c863c32fc913b84b8128fa1
b0e6490ff469608c304fd1b538dc48514df06c9938cb838a7839f61768aa5baf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

join.theintercept.com Open in urlscan Pro 54.241.155.11 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

46 Requests

85 %HTTPS

0 %IPv6

9 Domains

16 Subdomains

14 IPs

3 Countries

781 kBTransfer

2251 kBSize

2 Cookies

4 Outgoing links

Page URL History

Redirected requests

46 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

join.theintercept.com Open in urlscan Pro
54.241.155.11 Public Scan

Screenshot
Live screenshot

Full Image

46
Requests

85 %
HTTPS

0 %
IPv6

9
Domains

16
Subdomains

14
IPs

3
Countries

781 kB
Transfer

2251 kB
Size

2
Cookies

46 HTTP transactions
-1 data transactions