win.votetimscott.com Open in urlscan Pro
3.126.202.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.email.votetimscott.com/?qs=466f2ed2a70cb1cb6daa5332d40266ca1206cf2851fbb754d773cab330595d52d1221875a166a1dba3ac9c3c4aec...
Effective URL:
https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_ti...
Submission: On August 28 via api (August 28th 2023, 5:24:03 pm UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 2 countries across 17 domains to perform 33 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is win.votetimscott.com.
TLS certificate: Issued by R3 on July 12th 2023. Valid for: 3 months.

This is the only time win.votetimscott.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.235.89 13.111.235.89	14340 (SALESFORCE) (SALESFORCE)
1	3.126.202.50 3.126.202.50	16509 (AMAZON-02) (AMAZON-02)
3	143.204.9.103 143.204.9.103	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:de00:b:3165:13c0:21	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	52.222.250.12 52.222.250.12	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.181 151.101.1.181	54113 (FASTLY) (FASTLY)
3	13.32.99.8 13.32.99.8	16509 (AMAZON-02) (AMAZON-02)
1	54.175.49.101 54.175.49.101	14618 (AMAZON-AES) (AMAZON-AES)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	108.138.15.119 108.138.15.119	16509 (AMAZON-02) (AMAZON-02)
2	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
2	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
33	20

1 13.111.235.89 (United States) 1 redirects

ASN14340 (SALESFORCE, US)
PTR: click.email.votetimscott.com

click.email.votetimscott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com

win.votetimscott.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.9.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-9-103.mxp64.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:de00:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)

d1wbjksx0xxdn3.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.250.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.181 (United States)

ASN54113 (FASTLY, US)

views.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-8.fra60.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.49.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-49-101.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn1.decide.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.15.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-15-119.fra56.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	cloudfront.net d1wbjksx0xxdn3.cloudfront.net d9hhrg4mnvzow.cloudfront.net	193 KB
3	adsrvr.org js.adsrvr.org — Cisco Umbrella Rank: 1509 insight.adsrvr.org — Cisco Umbrella Rank: 590	3 KB
3	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 26405	46 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	294 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 22323	39 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	216 B
2	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 720	1 KB
2	t.co t.co — Cisco Umbrella Rank: 556	582 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 165	90 KB
2	votetimscott.com 1 redirects click.email.votetimscott.com win.votetimscott.com	12 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412	257 B
1	decide.dev cdn1.decide.dev — Cisco Umbrella Rank: 23657	3 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 725	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 31142	282 B
1	unsplash.com views.unsplash.com — Cisco Umbrella Rank: 32799
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	4 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 366	25 KB
33	17

	Domain	Requested by
3	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
3	www.googletagmanager.com	win.votetimscott.com www.googletagmanager.com
3	builder-assets.unbounce.com	win.votetimscott.com
2	insight.adsrvr.org	js.adsrvr.org
2	www.facebook.com	win.votetimscott.com
2	analytics.twitter.com	win.votetimscott.com
2	t.co	win.votetimscott.com
2	connect.facebook.net	win.votetimscott.com connect.facebook.net
2	d9hhrg4mnvzow.cloudfront.net	win.votetimscott.com
2	d1wbjksx0xxdn3.cloudfront.net	win.votetimscott.com d1wbjksx0xxdn3.cloudfront.net
1	region1.google-analytics.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	cdn1.decide.dev	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	events.ub-analytics.com	win.votetimscott.com
1	views.unsplash.com	win.votetimscott.com
1	cdnjs.cloudflare.com	win.votetimscott.com
1	ajax.googleapis.com	win.votetimscott.com
1	win.votetimscott.com
1	click.email.votetimscott.com	1 redirects
33	20

This site contains no links.

Subject Issuer	Validity	Valid
win.votetimscott.com R3	`2023-07-12` - `2023-10-10`	3 months	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.unsplash.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-07-05` - `2024-08-05`	a year	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2023-06-01` - `2024-06-29`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-03-11` - `2024-04-08`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-07` - `2023-09-05`	3 months	crt.sh
cdn1.decide.dev R3	`2023-07-05` - `2023-10-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Frame ID: EE992B17FF59EFE57BE954B6F4D76C84
Requests: 32 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=lpiyh47&ref=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&upid=wkp6i0z&upv=1.1.0
Frame ID: D023DDAB533DA6EB162FE5A23931DC5F
Requests: 1 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=lpiyh47&ref=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&upid=wkp6i0z&upv=1.1.0
Frame ID: F43049DF3E62AAA568D77195D6F91978
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tim Scott Campaign Survey

Page URL History Show full URLs

https://click.email.votetimscott.com/?qs=466f2ed2a70cb1cb6daa5332d40266ca1206cf2851fbb754d773cab330595d52d1221875... HTTP 302
https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

35 %
IPv6

17
Domains

20
Subdomains

20
IPs

2
Countries

726 kB
Transfer

2390 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.email.votetimscott.com/?qs=466f2ed2a70cb1cb6daa5332d40266ca1206cf2851fbb754d773cab330595d52d1221875a166a1dba3ac9c3c4aec823a6faf408cf1d1281f3d765b45999537af HTTP 302
https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
win.votetimscott.com/august-campaign-survey/
Redirect Chain

https://click.email.votetimscott.com/?qs=466f2ed2a70cb1cb6daa5332d40266ca1206cf2851fbb754d773cab330595d52d1221875a166a1dba3ac9c3c4aec823a6faf408cf1d1281f3d765b45999537af
https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260

75 KB
11 KB

94ms
12ms

Document
text/html

3.126.202.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 88bd5944d46c5a216869ff69a1d3a916813a251b8788bea79623077217863334

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 10710
content-location: https://win.votetimscott.com/august-campaign-survey/
content-type: text/html; charset=utf-8
date: Mon, 28 Aug 2023 17:23:56 GMT
etag: "a:f6414740994342cf96a22b9a1b9e91a5"
link: <https://win.votetimscott.com/august-campaign-survey/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: c1884860-e7a3-4d04-a964-8f4adbb84a85
x-unbounce-variant: a
x-unbounce-visitorid: f6414740-9943-42cf-96a2-2b9a1b9e91a5

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 287
Content-Type: text/html; charset=utf-8
Date: Mon, 28 Aug 2023 17:23:56 GMT
Location: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 73ms
16ms Stylesheet
text/css 143.204.9.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-103.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 26 Jul 2023 17:53:43 GMT
content-encoding: gzip
via: 1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
x-amz-version-id: fMGT9YqOCj6GvXj65o03BPFmMJDaNxvc
x-amz-cf-pop: MXP64-C1
age: 2849413
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2902
last-modified: Tue, 11 Jul 2023 16:18:48 GMT
server: AmazonS3
etag: "99b89a3d5f7bab4f89aad694ef70a6d8"
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: l0gdoN0oddg-hYsqARFRqzmCqmCR4cT4OqYmpMejCNzz6PmW73Wzfg==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 13:36:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Aug 2024 13:36:26 GMT

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 73ms
16ms Script
application/javascript 143.204.9.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-103.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 21:39:16 GMT
content-encoding: gzip
via: 1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
x-amz-version-id: Eo1N7rPPiIRpDmAKnYL.itgwswbpORDF
x-amz-cf-pop: MXP64-C1
age: 675881
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1991
last-modified: Tue, 11 Jul 2023 16:18:45 GMT
server: AmazonS3
etag: "29f67dc57513d44ad95c6d6fb814d270"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: cMzR7YOMq4EanBRVXs2qxIJweclGKgd5ZKT8i01bNmtkEsg3KIGUpg==

GET
H2 200 ub.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 5 KB
2 KB 74ms
7ms Script
application/javascript 2600:9000:21f3:de00:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:de00:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 26 Jun 2023 17:24:21 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop: FRA2-C2
age: 5443176
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 1864
last-modified: Mon, 26 Jun 2023 16:59:10 GMT
server: AmazonS3
etag: "118cee1e64f6b283233c55aee7da10da"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: pFUC_GL2g2lRjkhZu8I89QeWofDvIv2sHmMXuAJvp1huOPChdZH4eQ==

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/ 52 KB
4 KB 35ms
16ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 16042761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 3281
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FveG%2BqNoCZXGmU%2BNsyeMGbRKHDDgIFtEUFDjjyizpqNyQUVQaoRfB2fZbVVMAvvUtYPc3WD1c3nHUG5BVpx5imaWi5s0fwOJFuf%2BEO5U2xrjHhoJeYfs8Rc%2BZJZ1sSyrnDv7BPfd4mNJ3ZVK2Cs1%2FmjB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fde3eb7bcab3814-FRA
expires: Sat, 17 Aug 2024 17:23:56 GMT

GET
H2 200 main.bundle-b8bce47.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
33 KB 25ms
23ms Script
application/javascript 143.204.9.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.9.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-9-103.mxp64.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 23:45:18 GMT
content-encoding: gzip
via: 1.1 8e4c18e02a341c5dcc38c6627bf5cf50.cloudfront.net (CloudFront)
x-amz-version-id: 6jHAL9fP889t4NCAfewK2ptLZfkpx6Fe
x-amz-cf-pop: MXP64-C1
age: 668319
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 33784
last-modified: Tue, 11 Jul 2023 16:18:45 GMT
server: AmazonS3
etag: "3208b0848f289d158acfc0caf5894954"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: XKDpv08QNsOJtIr7Y_PzajXfwyQadrp1Tw-5aPE5SKK1GSE8jaTF_g==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 559 KB
104 KB 88ms
65ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WM8J8GJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f4800fd95434f942420101705cf94f119a52af0dc8320cc560582b18e9421f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106652
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 16:05:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 17:23:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 517 KB
102 KB 80ms
57ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0d9dab7ca633c4c4af6dc0f63f5e0d24e088e6590b44bab053e87faeda5bb502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 103678
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 16:54:35 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 17:23:56 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 3682914c-unsplash-8jyxcf00x3y_11hc0zk00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/win.votetimscott.com/august-campaign-survey/ 157 KB
158 KB 53ms
10ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/win.votetimscott.com/august-campaign-survey/3682914c-unsplash-8jyxcf00x3y_11hc0zk00000000000001o.jpg
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc836b72fd62d1903185cf97486f780b3a5b6377ce8dce95c79a057c2615aa40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 27 Aug 2023 21:02:26 GMT
x-amz-version-id: udCIjz4bxLcEbtjNGG9uvQXRvSSjrScy
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 22:48:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 73290
etag: "749a22adecedb6d444d87b7af7a7b77b"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 161253
x-amz-cf-id: e-JBKUHKoDwpG4vukcaI50Gf_endZWzw2D9kh_BxwMymumr7F0sA5w==

GET
H2 200 v
views.unsplash.com/ 0
0 39ms
7ms Image
application/json 151.101.1.181
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://views.unsplash.com/v?app_id=27955&photo_id=8jyxcf00x3y
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.181 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
BLOB 200
OK 8708df9c-993c-47d3-b692-0e96abf7c128
https://win.votetimscott.com/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://win.votetimscott.com/8708df9c-993c-47d3-b692-0e96abf7c128
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 5611
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 4 KB
1 KB 353ms
315ms Stylesheet
text/css 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Lato:300%7COswald:regular,700

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-b8bce47.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

03b25af48573c21c84137b13edc296854c631e098cb76eb232da8b50af0e40d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amzn-requestid: 0c5cf865-219d-451a-9f69-e81c40908347
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: KYa3GHGUIAMENYA=
content-length: 632
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-64ecd82d-0a05200202fabc9621d9509b
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: xRs5uUzn6-TVRaP-DC9OA2W47i6EsZCoZvOqxrVsf5Ui8oWSrx1meA==

GET
H2 200 67e2882e-unnamed_106702g000000000000028.png
d9hhrg4mnvzow.cloudfront.net/win.votetimscott.com/august-campaign-survey/ 2 KB
2 KB 11ms
9ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/win.votetimscott.com/august-campaign-survey/67e2882e-unnamed_106702g000000000000028.png
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c8c5011c6fc5cf4eb769e472c7c93b095eb2e306d6a4cc21cf286584f2e80fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 26 Aug 2023 21:05:06 GMT
x-amz-version-id: fCHTeGgfYjXGKYmzD608YLElZd8OGM4X
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 22:48:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 159530
etag: "766028ee54463514605975d11d7b92e5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1749
x-amz-cf-id: zqAKRIYTM9AqqvRCmJSyuXcv_0HgTvXgllEnORC77E2_BRKp-_657g==

GET
H2 200 sp-2.14.0.js Show response
d1wbjksx0xxdn3.cloudfront.net/ 98 KB
30 KB 8ms
8ms Script
application/javascript 2600:9000:21f3:de00:b:3165:13c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by: Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:de00:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 05:10:01 GMT
content-encoding: gzip
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-version-id: 0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop: FRA2-C2
age: 3154436
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 30399
last-modified: Mon, 26 Jun 2023 16:59:50 GMT
server: AmazonS3
etag: "73de733c308b8b5e44d2a6242dc4bd99"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: loY99rXEFF5DkIFSoTPScHIefC63hXGp6-h42-oSZ6Lci4XQ7_2nOA==

GET
H2 200 i
events.ub-analytics.com/ 43 B
282 B 293ms
92ms Image
image/gif 54.175.49.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1693243436902&e=pv&url=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&page=Tim%20Scott%20Campaign%20Survey&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=117cab59-b7de-4943-8bd3-34414f059135&dtm=1693243436901&vp=1600x1200&ds=1600x2663&vid=1&sid=c14084df-4d33-4c8b-9495-102cdfd44168&duid=cc238476-ddf4-4466-81af-f6169b23a39c&uid=f6414740-9943-42cf-96a2-2b9a1b9e91a5&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiYzE4ODQ4NjAtZTdhMy00ZDA0LWE5NjQtOGY0YWRiYjg0YTg1IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: win.votetimscott.com
URL: https://win.votetimscott.com/august-campaign-survey/?money_pledge=true&utm_campaign=20230827_NB-UL.100863_t1380641-1260&ex_tid=20230827_NB-UL.100863_t1380641-1260
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.49.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-49-101.compute-1.amazonaws.com
Software: akka-http/10.2.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:57 GMT
server: akka-http/10.2.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 43

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 36ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:57 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220103-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 193 KB
52 KB 32ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 17:23:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 52127
x-xss-protection: 0
pragma: public
x-fb-debug: k6OHhixkQGRUvKRVhfYmxHBcxpo+ZsjSjT9lfMN7BdS7AyM2EEaRKjR+cGn8UWnvwrnZPEqT85p9BwHg0XU6EA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 timscottforsenate_lander.js Show response
cdn1.decide.dev/tracking/ 6 KB
3 KB 437ms
384ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.decide.dev/tracking/timscottforsenate_lander.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 0fb437afa24051d33f9981dab1366ce430cfdab696d9668ae3a966c12f08eade

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:57 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 23:15:35 GMT
etag: "be8bf59b1cb4718d4bc0e45b369c4695"
x-hw: 1693243437.cds287.fr8.hn,1693243437.cds150.fr8.sc,1693243437.cds150.fr8.pr
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: https://decide.dev
content-length: 2862

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 5 KB
3 KB 33ms
7ms Script
application/x-javascript 108.138.15.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.15.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-15-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Sun, 27 Aug 2023 20:57:32 GMT
Content-Encoding: gzip
Via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
Last-Modified: Tue, 01 Aug 2023 20:10:44 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P7
Age: 73586
x-amz-server-side-encryption: AES256
ETag: W/"b7474eac210849250426a8f6a39d00f3"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: WqeN_EWKgbSPg5w2NM-dTNVOCbi-3ewHCCuIpyUMwyDQESaMJsFhqA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
88 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1HGY3LS35M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBSKFC3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbce6fa71543a9fe81c27994fb5c885fcff11951ba8cf284281a7b4991cf82be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 17:23:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 17:23:56 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 135ms
111ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4c536511-d8dc-4d90-bf57-5ca1fd79623d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=dca32279-744f-4853-a0ea-38f6adb3f14e&tw_document_href=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&tw_iframe_status=0&txn_id=of4da&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 28 Aug 2023 17:23:56 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: fea5df9e68190622
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 99ca2f1d5a4ea95e6203f318002b1fcb176df8498c3bd3475d81ad09c50d51e3
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
725 B 146ms
111ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=4c536511-d8dc-4d90-bf57-5ca1fd79623d&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=dca32279-744f-4853-a0ea-38f6adb3f14e&tw_document_href=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&tw_iframe_status=0&txn_id=of4da&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 28 Aug 2023 17:23:56 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 21922330fc1d67c4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c597ce3f2e5186b01b5cf8584705b436d2a44585c6d639318776a91a293289f6
content-length: 43

GET
H2 200 adsct
t.co/1/i/ 43 B
205 B 205ms
182ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b81d0d46-988e-4dc7-8609-9e3d1730ded3&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=dca32279-744f-4853-a0ea-38f6adb3f14e&tw_document_href=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&tw_iframe_status=0&txn_id=of4da&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 175
date: Mon, 28 Aug 2023 17:23:56 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 5af835e8e32b7ef2
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 99ca2f1d5a4ea95e6203f318002b1fcb176df8498c3bd3475d81ad09c50d51e3
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
548 B 218ms
183ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=b81d0d46-988e-4dc7-8609-9e3d1730ded3&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=dca32279-744f-4853-a0ea-38f6adb3f14e&tw_document_href=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&tw_iframe_status=0&txn_id=of4da&type=javascript&version=2.3.29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-response-time: 176
date: Mon, 28 Aug 2023 17:23:56 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: d16642ed8a06f6ec
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: c597ce3f2e5186b01b5cf8584705b436d2a44585c6d639318776a91a293289f6
content-length: 43

GET
H2 200 304382470635393 Show response
connect.facebook.net/signals/config/ 149 KB
38 KB 161ms
160ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/304382470635393?v=2.9.125&r=stable&domain=win.votetimscott.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

26069cdd0aa94363d51abe4bfe570d739cd46a6ff2ec441356c28a6bf8c7cd05

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 28 Aug 2023 17:23:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: vZDxJfanEIH7m2CmxzYyH7RI1gYv1WJkuXrP3qn9sM/a78fv8hGpetmHYmM8rTMMxDjHs/0fm7cmPtm6BpwJ9Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
257 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-1HGY3LS35M&gtm=45je38n0&_p=1410212365&cid=1488920239.1693243437&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693243437&sct=1&seg=0&dl=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&dt=Tim%20Scott%20Campaign%20Survey&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1HGY3LS35M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 17:23:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win.votetimscott.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304382470635393&ev=PageView&dl=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&rl=&if=false&ts=1693243437216&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693243437213.652210517&cs_est=true&it=1693243437034&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 17:23:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 23 KB
23 KB 24ms
9ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:300%7COswald:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:300%7COswald:regular,700
Origin: https://win.votetimscott.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 01 Jun 2023 00:19:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23236
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 7664683
x-amzn-requestid: b9f21f2b-fbfd-4e2f-a7f1-6bcfb948c757
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: F0CQeEUdIAMF03g=
content-length: 23067
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:08:26 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-6477e402-46b3ff94051cb31b743f14ff
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: yu1-d6YXr9-SbDYkKpdqn1QM4QCk2TXAaDPVky5GQuqF5J_5GkK-1A==

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.ub-assets.com/fonts/s/oswald/v53/ 21 KB
22 KB 29ms
14ms Font
font/woff2 13.32.99.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v53/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:300%7COswald:regular,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.8 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-8.fra60.r.cloudfront.net

Software

Resource Hash

99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Lato:300%7COswald:regular,700
Origin: https://win.votetimscott.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 00:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 21444
via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 925381
x-amzn-requestid: c4f6bf8e-4f16-47c8-a384-784286ac9332
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: J1HoVHqcoAMEdYA=
content-length: 21472
x-xss-protection: 0
last-modified: Tue, 15 Aug 2023 18:38:40 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-64deb968-17141cd1083437be14eea0e2
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: tsunAGPosaCNSchfXhXrJ1JeIcRaFclh79tCFm1yKC2BaPCzLJ4c1Q==

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame D023 0
181 B 166ms
76ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=lpiyh47&ref=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&upid=wkp6i0z&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win.votetimscott.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 28 Aug 2023 17:23:57 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame F430 0
182 B 122ms
34ms Document
text/html 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=lpiyh47&ref=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&upid=wkp6i0z&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win.votetimscott.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html
date: Mon, 28 Aug 2023 17:23:57 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 7ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=304382470635393&ev=Microdata&dl=https%3A%2F%2Fwin.votetimscott.com%2Faugust-campaign-survey%2F%3Fmoney_pledge%3Dtrue%26utm_campaign%3D20230827_NB-UL.100863_t1380641-1260%26ex_tid%3D20230827_NB-UL.100863_t1380641-1260&rl=&if=false&ts=1693243437719&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Tim%20Scott%20Campaign%20Survey%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Tim%20Scott%20for%20America%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwin.votetimscott.com%2Fec-survey-1%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Adescription%22%3A%22Take%20our%20survey%20today!%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fi.ibb.co%2FhRmpdFT%2FIMG-3180-2.jpg%22%2C%22twitter%3Acard%22%3A%22summary_large_image%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693243437213.652210517&it=1693243437034&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://win.votetimscott.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 28 Aug 2023 17:23:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
win.votetimscott.com/august-campaign-survey/	1970-01-20 18:45:41	Name: ubpv Value: a%2Cc1884860-e7a3-4d04-a964-8f4adbb84a85
win.votetimscott.com/	1970-01-20 18:39:55	Name: ubvs Value: f6414740-9943-42cf-96a2-2b9a1b9e91a5
.votetimscott.com/	1970-01-20 14:25:02	Name: ubvt Value: v2%7Cf6414740-9943-42cf-96a2-2b9a1b9e91a5%7Cc1884860-e7a3-4d04-a964-8f4adbb84a85%3Aa%3Asingle
.unsplash.com/	1970-01-20 23:06:19	Name: ugid Value: 0818fd5307c4681c7a824faa935751885644144
.votetimscott.com/	1970-01-20 23:56:43	Name: _ga_1HGY3LS35M Value: GS1.1.1693243437.1.0.1693243437.0.0.0
.votetimscott.com/	1970-01-20 23:56:43	Name: _ga Value: GA1.1.1488920239.1693243437
.votetimscott.com/	1970-01-20 16:30:19	Name: _fbp Value: fb.1.1693243437213.652210517
.t.co/	1970-01-20 23:56:43	Name: muc_ads Value: 1f40418a-515a-458d-af9a-8a73bde9e605
.twitter.com/	1970-01-20 23:56:43	Name: guest_id_marketing Value: v1%3A169324343711754024
.twitter.com/	1970-01-20 23:56:43	Name: guest_id_ads Value: v1%3A169324343711754024
.twitter.com/	1970-01-20 23:56:43	Name: personalization_id Value: "v1_jWIV353Wl3AwWqfH7AGXxw=="
.twitter.com/	1970-01-20 23:56:43	Name: guest_id Value: v1%3A169324343711754024

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.twitter.com
builder-assets.unbounce.com
cdn1.decide.dev
cdnjs.cloudflare.com
click.email.votetimscott.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
insight.adsrvr.org
js.adsrvr.org
region1.google-analytics.com
static.ads-twitter.com
t.co
views.unsplash.com
win.votetimscott.com
www.facebook.com
www.googletagmanager.com
104.244.42.131
104.244.42.197
108.138.15.119
13.111.235.89
13.32.99.8
143.204.9.103
146.75.120.157
151.101.1.181
151.139.128.10
2001:4860:4802:32::36
2600:9000:21f3:de00:b:3165:13c0:21
2606:4700::6811:180e
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.126.202.50
3.33.220.150
52.222.250.12
54.175.49.101
03b25af48573c21c84137b13edc296854c631e098cb76eb232da8b50af0e40d8
0d9dab7ca633c4c4af6dc0f63f5e0d24e088e6590b44bab053e87faeda5bb502
0f4800fd95434f942420101705cf94f119a52af0dc8320cc560582b18e9421f8
0fb437afa24051d33f9981dab1366ce430cfdab696d9668ae3a966c12f08eade
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
26069cdd0aa94363d51abe4bfe570d739cd46a6ff2ec441356c28a6bf8c7cd05
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
88bd5944d46c5a216869ff69a1d3a916813a251b8788bea79623077217863334
899663bfeab6b11842c974c2417dc0ad88bd79bb7510b1e032384ccf2618dcc1
8c8c5011c6fc5cf4eb769e472c7c93b095eb2e306d6a4cc21cf286584f2e80fb
99027d866818f716d208569108a962ac72200197cae503efe5b6bf002bf4915b
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b8bce47ffa43bc0b835f83d09167cabac1a62e85241aa806d826a0909d5bf7ee
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29
dbce6fa71543a9fe81c27994fb5c885fcff11951ba8cf284281a7b4991cf82be
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc836b72fd62d1903185cf97486f780b3a5b6377ce8dce95c79a057c2615aa40

win.votetimscott.com Open in urlscan Pro 3.126.202.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

97 %HTTPS

35 %IPv6

17 Domains

20 Subdomains

20 IPs

2 Countries

726 kBTransfer

2390 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

win.votetimscott.com Open in urlscan Pro
3.126.202.50 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

97 %
HTTPS

35 %
IPv6

17
Domains

20
Subdomains

20
IPs

2
Countries

726 kB
Transfer

2390 kB
Size

12
Cookies

33 HTTP transactions
1 data transactions