act.thenrcc.org Open in urlscan Pro
34.205.248.193 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gopwin.us/ws2
Effective URL:
https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1...
Submission: On April 25 via manual (April 25th 2022, 1:46:22 am UTC) from CA — Scanned from US

Summary HTTP 54 Redirects Behaviour Indicators

Summary

This website contacted 30 IPs in 2 countries across 25 domains to perform 54 HTTP transactions. The main IP is 34.205.248.193, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is act.thenrcc.org. The Cisco Umbrella rank of the primary domain is 696601.
TLS certificate: Issued by R3 on April 8th 2022. Valid for: 3 months.

This is the only time act.thenrcc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.72.49.79 52.72.49.79	14618 (AMAZON-AES) (AMAZON-AES)
1	34.205.248.193 34.205.248.193	14618 (AMAZON-AES) (AMAZON-AES)
3	99.84.42.7 99.84.42.7	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:216... 2600:9000:2162:9800:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:2140:9c00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:141b:13:... 2600:141b:13::1732:35bb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
1	99.84.47.189 99.84.47.189	16509 (AMAZON-02) (AMAZON-02)
1	35.174.193.205 35.174.193.205	14618 (AMAZON-AES) (AMAZON-AES)
2	99.84.122.245 99.84.122.245	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
6	52.204.127.70 52.204.127.70	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.81.226 142.250.81.226	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4998:14:... 2001:4998:14:800::1001	14777 (YAHOO) (YAHOO)
1 2	2600:141b:13:... 2600:141b:13::1732:35c2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4004:c09::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1 6	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	76.13.32.146 76.13.32.146	26101 (YAHOO-BF1) (YAHOO-BF1)
1 1	2600:1f18:730... 2600:1f18:730:b150:1cf:88dc:54d8:eec2	14618 (AMAZON-AES) (AMAZON-AES)
1	34.202.82.185 34.202.82.185	14618 (AMAZON-AES) (AMAZON-AES)
1	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
1	54.235.30.242 54.235.30.242	14618 (AMAZON-AES) (AMAZON-AES)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
1	142.251.111.156 142.251.111.156	15169 (GOOGLE) (GOOGLE)
54	30

1 52.72.49.79 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-49-79.compute-1.amazonaws.com

gopwin.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.205.248.193 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-248-193.compute-1.amazonaws.com

act.thenrcc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.84.42.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-7.ewr52.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2162:9800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2140:9c00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:13::1732:35bb (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)

rtxpx-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:822::2008 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.47.189 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-47-189.ewr52.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.193.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-193-205.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.122.245 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-122-245.ewr52.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.204.127.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-127-70.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.81.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4998:14:800::1001 (United States)

ASN14777 (YAHOO, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:13::1732:35c2 (New York, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

stickyid-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c09::9d (Ashburn, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::200a (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::2002 (Staten Island, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81c::2004 (Staten Island, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.146 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: spdc.pbp.vip.bf1.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:1cf:88dc:54d8:eec2 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.82.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-82-185.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2003 (Staten Island, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.235.30.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-235-30-242.compute-1.amazonaws.com

rtclx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.111.156 (United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f156.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	snapchat.com 1 redirects tr.snapchat.com — Cisco Umbrella Rank: 945	2 KB
6	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3495	8 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 bid.g.doubleclick.net — Cisco Umbrella Rank: 473	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 58	223 KB
3	google.com www.google.com — Cisco Umbrella Rank: 2	629 B
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	116 KB
3	akamaihd.net 1 redirects rtxpx-a.akamaihd.net — Cisco Umbrella Rank: 65721 stickyid-a.akamaihd.net — Cisco Umbrella Rank: 67826	32 KB
3	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 3521 rp.liadm.com — Cisco Umbrella Rank: 2672 rp4.liadm.com — Cisco Umbrella Rank: 11095	12 KB
3	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	290 KB
3	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 15920	39 KB
2	tapad.com 2 redirects pixel.tapad.com — Cisco Umbrella Rank: 405	557 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	499 B
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 404	7 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	sc-static.net sc-static.net — Cisco Umbrella Rank: 1117	15 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 271 fonts.googleapis.com — Cisco Umbrella Rank: 39	26 KB
1	rtclx.com rtclx.com — Cisco Umbrella Rank: 14538	661 B
1	gstatic.com fonts.gstatic.com	23 KB
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 823	634 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 103	15 KB
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 21664	245 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 610	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	4 KB
1	thenrcc.org act.thenrcc.org — Cisco Umbrella Rank: 696601	9 KB
1	gopwin.us 1 redirects gopwin.us — Cisco Umbrella Rank: 651666	385 B
54	25

	Domain	Requested by
6	tr.snapchat.com	1 redirects sc-static.net act.thenrcc.org
6	tags.srv.stackadapt.com	act.thenrcc.org tags.srv.stackadapt.com
4	www.googletagmanager.com	act.thenrcc.org www.googletagmanager.com
3	www.google.com	act.thenrcc.org
3	connect.facebook.net	act.thenrcc.org connect.facebook.net
3	builder-assets.unbounce.com	act.thenrcc.org
2	pixel.tapad.com	2 redirects
2	www.facebook.com	act.thenrcc.org
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stickyid-a.akamaihd.net	1 redirects act.thenrcc.org
2	s.yimg.com	act.thenrcc.org s.yimg.com
2	www.google-analytics.com	www.googletagmanager.com act.thenrcc.org
2	sc-static.net	www.googletagmanager.com tr.snapchat.com
2	d34qb8suadcc4g.cloudfront.net	act.thenrcc.org d34qb8suadcc4g.cloudfront.net
1	bid.g.doubleclick.net	www.googleadservices.com
1	rtclx.com	rtxpx-a.akamaihd.net
1	fonts.gstatic.com	fonts.googleapis.com
1	rp4.liadm.com	act.thenrcc.org
1	rp.liadm.com	1 redirects
1	sp.analytics.yahoo.com	act.thenrcc.org
1	fonts.googleapis.com	builder-assets.unbounce.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googleadservices.com	www.googletagmanager.com
1	events.ub-analytics.com	act.thenrcc.org
1	d9hhrg4mnvzow.cloudfront.net	act.thenrcc.org
1	rtxpx-a.akamaihd.net	act.thenrcc.org
1	code.jquery.com	act.thenrcc.org
1	cdnjs.cloudflare.com	act.thenrcc.org
1	b-code.liadm.com	act.thenrcc.org
1	ajax.googleapis.com	act.thenrcc.org
1	act.thenrcc.org
1	gopwin.us	1 redirects
54	32

This site contains no links.

Subject Issuer	Validity	Valid
act.thenrcc.org R3	`2022-04-08` - `2022-07-07`	3 months	crt.sh
*.unbounce.com Amazon	`2022-02-08` - `2023-03-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.liadm.com Amazon	`2022-01-31` - `2023-03-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
a248.e.akamai.net DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.ub-analytics.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
*.srv.stackadapt.com Amazon	`2021-11-09` - `2022-12-07`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-04-25` - `2022-06-15`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-13` - `2023-01-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
1p1eqpotato.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-11` - `2023-03-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Frame ID: 9A90FBF58E6AE02DA96ADF64DC113A4B
Requests: 50 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=5e5d99b5-b962-4e97-b181-91c29951d1db
Frame ID: 31B10E92B09FF09B4790CBD6CA611187
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1650802521217&pnid=140&pcid=ad5e81c1-361a-4985-b209-c668871d810d
Frame ID: C24121084F74A11E0245BDC32AD8D5E8
Requests: 1 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: F80243BB52C53590EFE98940815C5915
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Are you Still a Republican?

Page URL History Show full URLs

http://gopwin.us/ws2 HTTP 301
https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_do... Page URL

Detected technologies

Wink (Mobile Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:_base/js/base|wink).*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

94 %
HTTPS

56 %
IPv6

25
Domains

32
Subdomains

30
IPs

2
Countries

874 kB
Transfer

2283 kB
Size

26
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gopwin.us/ws2 HTTP 301
https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://stickyid-a.akamaihd.net/id?o=https%3A%2F%2Fact.thenrcc.org HTTP 302
https://stickyid-a.akamaihd.net/id?cc=1&o=https%3A%2F%2Fact.thenrcc.org

Request Chain 40

https://rp.liadm.com/j?dtstmp=1650851177253&aid=a-0769&se=e30&duid=60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0&tna=v2.3.0&pu=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&wpn=lc-bundle&c=PHRpdGxlPkFyZSB5b3UgU3RpbGwgYSBSZXB1YmxpY2FuPzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI- HTTP 302
https://rp4.liadm.com/j?dtstmp=1650851177253&aid=a-0769&se=e30&duid=60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0&tna=v2.3.0&pu=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&wpn=lc-bundle&c=PHRpdGxlPkFyZSB5b3UgU3RpbGwgYSBSZXB1YmxpY2FuPzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwZDo1NjAwOjI0OjE0MDA6MTAxMjozNTA5OjYyZjg6Mzg0Yw%3D%3D&n3pc=true

Request Chain 51

https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1650851177332 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1650802521217%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1650802521217%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1650802521217&pnid=140&pcid=ad5e81c1-361a-4985-b209-c668871d810d

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
act.thenrcc.org/are-you-republican-why/
Redirect Chain

http://gopwin.us/ws2
https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext

38 KB
9 KB

82ms
18ms

Document
text/html

34.205.248.193
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 34.205.248.193 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-248-193.compute-1.amazonaws.com
Software: /
Resource Hash: f7c87bb088237621f9cdc5e3b8d8a0b48c86f54f704778cb5f8630cad9f27597

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

connection: close
content-encoding: gzip
content-location: https://act.thenrcc.org/are-you-republican-why/
content-type: text/html; charset=UTF-8
date: Mon, 25 Apr 2022 01:46:16 GMT
etag: "a:e7e0b9110d44744d21e2d36bc6224538"
last-modified: Fri, 22 Apr 2022 16:03:37 GMT
link: <https://act.thenrcc.org/are-you-republican-why/>; rel="canonical"
p3p: CP="This is not a privacy policy."
transfer-encoding: chunked
x-proxy-backend: page-server
x-unbounce-pageid: d04677ef-0c2b-46bf-bde0-9e2148c1b38f
x-unbounce-variant: a
x-unbounce-visitorid: e0bc3f0a-3e07-4b5a-b903-bb9f99298399

Redirect headers

Cache-Control: no-cache, no-store
Content-Length: 0
Date: Mon, 25 Apr 2022 01:46:15 GMT
Engine: Rebrandly.redirect, version 2.1
Expires: -1
Location: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 437ms
140ms Stylesheet
text/css 99.84.42.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-7.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 23:52:20 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:54 GMT
server: AmazonS3
age: 2858037
etag: "43729a62fb549c1f6784cd5cc32082e0"
x-cache: Hit from cloudfront
x-amz-version-id: kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: text/css
content-length: 2902
x-amz-cf-id: sg6kmXwo5Q_4Cw3sAPgm1XOUbVxLu6d3H3gNho0advYbcANDWIvh3A==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.4.2/ 70 KB
25 KB 21ms
5ms Script
text/javascript 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js

Requested by

Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 00:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263380
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24715
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 00:36:36 GMT

GET
H2 200 jquery-shims.bundle-aa41391.z.js Show response
builder-assets.unbounce.com/published-js/ 6 KB
2 KB 455ms
158ms Script
application/javascript 99.84.42.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/jquery-shims.bundle-aa41391.z.js
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-7.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 19:30:59 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:48 GMT
server: AmazonS3
age: 2873718
etag: "89f0d92a9c6356ece7b64e15125bdeb6"
x-cache: Hit from cloudfront
x-amz-version-id: goJW2sY.ew8uxTTlwJSZP6viBUlo9k1v
via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: application/javascript
content-length: 1991
x-amz-cf-id: 03Z_Bkvg1QISL5I-o-Qj3gvkZHaucL7DPHmPpdKbJcSvuNvYijOUHQ==

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 53ms
15ms Script
application/javascript 2600:9000:2162:9800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:9800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 01:13:48 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 19:15:08 GMT
server: AmazonS3
age: 1038750
etag: "f6420c864830b5860bfaadd47a2bb21b"
x-cache: Hit from cloudfront
x-amz-version-id: bKC28ufbc849z_LglraHgQe9TbPw1SIU
via: 1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-type: application/javascript
content-length: 1856
x-amz-cf-id: C3wwdcjTZ3sfiYBz-_8sfmC8v5qVMuxo5Q5VWep99QxFRiIIylSKRQ==

GET
H2 200 a-0769.min.js Show response
b-code.liadm.com/ 26 KB
10 KB 76ms
18ms Script
application/javascript 2600:9000:2140:9c00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-0769.min.js
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:9c00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d1601d0597e91869d87b27b2d4a0da5b78a3ea0c3ecec06fd3709c8c895155f4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 21:31:34 GMT
via: 1.1 c62f6c9a9fdf2356a904a1b156a05fe0.cloudfront.net (CloudFront)
age: 15283
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=86400
x-amz-cf-pop: EWR52-C1
content-encoding: gzip
x-amz-cf-id: VE3Q5V_0DhJHRQGaUImruS7yGfSea4dQIIhMrKWkBsIbXHvxmUCUew==

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/ 52 KB
4 KB 33ms
19ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 934841
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3281
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-ce35"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=libWAf46En3KWgxGYz5vr%2FyBdwR3CtdCU4o%2FxJmuFFlRLkcsAuomDWzxAmWfk0rhjq4Xk2IwdsJn6juzcKaGAYdqf%2Fo8k32Pf%2ByCDqGeZxEPYoyPzI2m9VwA%2F2YzCvTZSF0LxG5gA2llTynfUu8VcNEo"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7013676d5c8b8c39-EWR
expires: Sat, 15 Apr 2023 01:46:16 GMT

GET
H2 200 main.bundle-bdbf0bb.z.js Show response
builder-assets.unbounce.com/published-js/ 103 KB
33 KB 176ms
175ms Script
application/javascript 99.84.42.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-bdbf0bb.z.js
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.42.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-42-7.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bdbf0bb9b89e4db6550fc67b627a228a48f5f43d2192fe2cdf1c00bc9758a5ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 00:53:40 GMT
content-encoding: gzip
last-modified: Tue, 18 Jan 2022 22:28:48 GMT
server: AmazonS3
age: 2767958
etag: "505f303188fc706cbb0b3682c86fbbe4"
x-cache: Hit from cloudfront
x-amz-version-id: GiOX2dKjR70mgh3_1QLMson5Dgqx_5D4
via: 1.1 aa2d5a64a5be3b668a484d0b762d160e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C4
accept-ranges: bytes
content-type: application/javascript
content-length: 33486
x-amz-cf-id: 04rLNYxT1wntGRhv2GFs5J3aoix4fkLnJCer002cedoiU9bdLLvWoA==

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 27ms
6ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://act.thenrcc.org/
Origin: https://act.thenrcc.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:16 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1650851176.dop038.ny3.t,1650851176.cds224.ny3.hn,1650851176.cds129.ny3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H/1.1 200
OK main.js Show response
rtxpx-a.akamaihd.net/ 91 KB
31 KB 83ms
27ms Script
application/javascript 2600:141b:13::1732:35bb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://rtxpx-a.akamaihd.net/main.js
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2600:141b:13::1732:35bb New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1cd6e55f30592f2d07f9d038d85872e5d4fe5b079c86cadf29a3776694593d7b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 01:46:17 GMT
Content-Encoding: gzip
x-amz-request-id: 69F032B63988C729
Connection: keep-alive
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length: 30922
x-amz-id-2: qh1E7bnGQ+vD6sEAHBnEDpXEACYR6NO6Vt6mFsJgC50R2pbIqNZRu9VnaLKN9FR8PAgWIKYBOs0=
Pragma: no-cache
Last-Modified: Thu, 28 Jan 2021 21:02:34 GMT
Server: AmazonS3
ETag: "0e00eda4d7973d0a511ce8aae95bef1c"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=0, no-cache, no-store
Accept-Ranges: bytes
Expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 462 KB
84 KB 35ms
18ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WM8J8GJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfdeb8e8e623204543622c5c72c038d7bea1fdc65bb218a9ac80decb8ee6dc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85938
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
60 KB 49ms
32ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

99c1cd0ea194dafb63c983d93d0d1926aeac04445e17a5537aeb17b45d5e0288

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61283
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 2ff8bf54-brandon-mowinkel-211936-unsplash-1_11hc0zk00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/act.thenrcc.org/are-you-republican-why/ 256 KB
257 KB 529ms
492ms Image
image/jpeg 99.84.47.189
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/act.thenrcc.org/are-you-republican-why/2ff8bf54-brandon-mowinkel-211936-unsplash-1_11hc0zk00000000000001o.jpg
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.47.189 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-47-189.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7871c9bce59bef093b594c75cd7eed6bd572a8eb1e835e3d71a6730ddb9042a5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:18 GMT
via: 1.1 2e337f53e2a04e4268f9f9ece555a598.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 16:03:37 GMT
server: AmazonS3
x-amz-cf-pop: EWR52-C4
etag: "feee3f7d7a56984f472ea82c5f4ea6ea"
x-cache: Miss from cloudfront
x-amz-version-id: QLx6pAJtPR_f9Q.xLrpw_c19l80gng4D
cache-control: max-age=31557600
accept-ranges: bytes
content-type: image/jpeg
content-length: 262613
x-amz-cf-id: 9GyurSBhSljk8m4c-GHANwlbzT3zKbrrjJjCr0oy7STsASwmUx5vIQ==

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 5ms
5ms Script
application/javascript 2600:9000:2162:9800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2162:9800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 11:49:27 GMT
content-encoding: gzip
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
age: 1087011
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
via: 1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: EWR52-C3
accept-ranges: bytes
content-type: application/javascript
content-length: 30399
x-amz-cf-id: pcjrLbGGLGnVbH73_e_U8SeHq24WuenmSIMxL-Q9dGAHvMccwyzLaw==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 43ms
12ms Image
image/gif 35.174.193.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1650851177050&e=pv&url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&page=Are%20you%20Still%20a%20Republican%3F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=8ac04f97-5edb-47d2-b60f-4691bc24806d&dtm=1650851177048&vp=1600x1200&ds=1600x1412&vid=1&sid=2f96c640-715d-4e84-9cfc-f6701cdca993&duid=644f8fd8-8ac1-4be6-b03c-45c4ed3f17af&uid=e0bc3f0a-3e07-4b5a-b903-bb9f99298399&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZDA0Njc3ZWYtMGMyYi00NmJmLWJkZTAtOWUyMTQ4YzFiMzhmIiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.193.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-174-193-205.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 25 Apr 2022 01:46:17 GMT
access-control-allow-credentials: true
server: akka-http/10.0.9
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length: 43
content-type: image/gif

GET
H2 200 scevent.min.js Show response
sc-static.net/ 20 KB
7 KB 71ms
35ms Script
application/javascript 99.84.122.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WM8J8GJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.122.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-122-245.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: cc308e76a07a70ae096c8c443bbf04154969ef4f52a4c632fc69ef233b8b5fa1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: EWR52-C3
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 7163
via: 1.1 53465a830f1b7f4d109848deed6c5e84.cloudfront.net (CloudFront)
x-amz-cf-id: 1R0sSv52p0DFL42euCyB2rvpEgSc111WUioJ4eChvthIHayERGLK7w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 14ms
4ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: C4AVE36KEbYvI6OsTvBttja+m3VbuDFswuJOt4O9Es7Q1kVmQsDJyA+l5BHg0cXE3RimCDNXIp9fPhfM6UBKng==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Mon, 25 Apr 2022 01:46:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ 13 KB
5 KB 49ms
12ms Script
text/javascript 52.204.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-127-70.compute-1.amazonaws.com
Software: /
Resource Hash: 15101648392c6715024efaac169941f09037c0dc41add7c0a9d186be476f8b81

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Apr 2022 01:46:17 GMT
Content-Encoding: gzip
Cache-Control: max-age=30
Content-Length: 4432
Connection: keep-alive
Content-Type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 24ms
24ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9232116

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

399e772c46d78bcc61654d5ba53a987d8f0441784233858d998e11941de0c2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38253
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 75ms
48ms Script
text/javascript 142.250.81.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f2.1e100.net

Software

cafe /

Resource Hash

4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14897
x-xss-protection: 0
server: cafe
etag: 9926226332162747720
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
4ms Script
text/javascript 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 3741
date: Mon, 25 Apr 2022 00:43:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 25 Apr 2022 02:43:56 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 40ms
11ms Script
application/javascript 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 25 Apr 2022 01:11:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2076
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5748
x-amz-id-2: /2AjjdVeYaUMDkYJAgXQEfnYf15gQh7Y881B+gdrOAFygDcvA//XfwHwbyk0kGs476F+BjS8Xg0=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 17 Jan 2022 12:00:39 GMT
server: ATS
etag: "13a189bb8f25228852b3279db3659c28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1TGPXYPEC7F0D2TA
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges: bytes
content-type: application/javascript

GET
H3-Q050

200

id Show response
stickyid-a.akamaihd.net/
Redirect Chain

https://stickyid-a.akamaihd.net/id?o=https%3A%2F%2Fact.thenrcc.org
https://stickyid-a.akamaihd.net/id?cc=1&o=https%3A%2F%2Fact.thenrcc.org

90 B
540 B

73ms
25ms

XHR
application/json

2600:141b:13::1732:35c2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://stickyid-a.akamaihd.net/id?cc=1&o=https%3A%2F%2Fact.thenrcc.org
Requested by: Host: act.thenrcc.org
URL: https://act.thenrcc.org/are-you-republican-why/?recurring=true&utm_campaign=20220424_house.100619_donthearback_segall_t1172715-573&utm_medium=sms&utm_source=house.100619&utm_content=sms&sc=etext
Protocol: H3-Q050
Server: 2600:141b:13::1732:35c2 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 601e57758d945949faa4ba46f8be639ed43dfb7d85d2ec628768f0ab197254b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
server: AkamaiGHost
etag: "d2715d34e10e5a9f3692d96bd0fbb282:1592835897"
quic-version: Q050
p3p: CP="We do not have a P3P policy."
access-control-allow-origin: https://act.thenrcc.org
cache-control: max-age=0, no-cache, no-store, private
access-control-allow-credentials: true
content-length: 90
content-type: application/json
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
mime-version: 1.0
expires: Mon, 25 Apr 2022 01:46:17 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 25 Apr 2022 01:46:17 GMT
Server: AkamaiGHost
ETag: "d2715d34e10e5a9f3692d96bd0fbb282:1592835897"
Location: /id?cc=1&o=https%3A%2F%2Fact.thenrcc.org
P3P: CP="We do not have a P3P policy."
Access-Control-Allow-Origin: https://act.thenrcc.org
Cache-Control: max-age=0, no-cache, no-store, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 154
Content-Type: text/html
Alt-Svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Mime-Version: 1.0
Expires: Mon, 25 Apr 2022 01:46:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
439 B 46ms
19ms XHR
text/plain 2607:f8b0:4004:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15267911-1&cid=1089771783.1650851177&jid=1093133200&gjid=1848636789&_gid=402406266.1650851177&_u=YGBAiEABBAAAAE~&z=2010282161

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::9d Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://act.thenrcc.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 25 Apr 2022 01:46:17 GMT
content-type: text/plain
access-control-allow-origin: https://act.thenrcc.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
4ms Image
image/gif 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=337849734&t=pageview&_s=1&dl=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&ul=en-us&de=UTF-8&dt=Are%20you%20Still%20a%20Republican%3F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1093133200&gjid=1848636789&cid=1089771783.1650851177&tid=UA-15267911-1&_gid=402406266.1650851177&gtm=2wg4k05F48L7&z=390181388

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::200e Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 04:26:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76777
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 23ms
22ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-815133722&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9232116

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

40b2417cbfe7d60065acfb0e5f6a83851c606e8c13ed5ada0e2855dc307ad53c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42147
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H3 200 1594034790717228 Show response
connect.facebook.net/signals/config/ 5 KB
2 KB 12ms
5ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1594034790717228?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aab08e091b943437a19af2f27666e69b92bbfd1bdd8f1d859126dcc80e2e000e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 2266
x-xss-protection: 0
pragma: public
x-fb-debug: qFUQCTJEdEnQQBEqO6RHm4BYB1wU2860LnXO90fimMyXgjkahSt3ewD1pwC3zBOs/JsqzXuAwONolEDeH5Gwlw==
x-frame-options: DENY
date: Mon, 25 Apr 2022 01:46:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ 65 B
292 B 11ms
11ms Stylesheet
text/css 52.204.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-127-70.compute-1.amazonaws.com
Software: /
Resource Hash: b393e97b798e590ad764875c71cd8d2690123cc98694b0bc2e325a187c4778b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Apr 2022 01:46:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 40ms
10ms Fetch
image/jpeg 52.204.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-127-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Apr 2022 01:46:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ 0
881 B 42ms
10ms Fetch
image/jpeg 52.204.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-127-70.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 25 Apr 2022 01:46:17 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 10148631.json Show response
s.yimg.com/wi/config/ 46 B
678 B 34ms
13ms XHR
application/json 2001:4998:14:800::1001
YAHOO

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10148631.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4998:14:800::1001 , United States, ASN14777 (YAHOO, US),

Reverse DNS

Software

ATS /

Resource Hash

7802514279d805a825923d8ff3b2746e3fa7d4c719d791292b6f860bc2acf20d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:44:33 GMT
x-content-type-options: nosniff
age: 105
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: B2YAC3S9VA05RNA6
x-amz-id-2: pfovjXdIPt3ZAcPuLPDCwykuylykUCpdFo6tDRIlGrBrbtJ0LURvYYqWjgeIpXg+JUwhf25fLr8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 27 May 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 21 Apr 2022 21:54:56 GMT
server: ATS
etag: "d858dce265978fc7a1a7968464b2fe67"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: .qti8VCp4DvxlC5bqwEynF_Fvz7O2fl7
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/json

GET
BLOB 200
OK 804dcab8-d645-4405-ae8d-199b2afcbe17
https://act.thenrcc.org/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://act.thenrcc.org/804dcab8-d645-4405-ae8d-199b2afcbe17
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-bdbf0bb.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Content-Length: 5603
Content-Type: text/css

GET
H2 200 css
fonts.googleapis.com/ 672 B
861 B 35ms
19ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-bdbf0bb.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13086b0351d37813996896899d0c98ac165fbec6f081c7e33583981c22b88ba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 23:49:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 25 Apr 2022 01:46:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 2 KB
2 KB 46ms
24ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1650851177208&cv=9&fst=1650851177208&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&tiba=Are%20you%20Still%20a%20Republican%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580d39a74762ab8aeffaaf73e3abc10b9fe5e52ed0eb25847908c162f93a91ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1114
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
393 B 50ms
32ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=5e5d99b5-b962-4e97-b181-91c29951d1db

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

b48d5b116bdbc6694747c79dfe13b463731b97d50cf128a08a2b27f1c12a8add

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 62 B
125 B 50ms
32ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=5e5d99b5-b962-4e97-b181-91c29951d1db&tld=org

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

40f487b5d43598a1e8d1e3f4802705a2af6e3643700c697e68945547ce0f509a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 43ms
21ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15267911-1&cid=1089771783.1650851177&jid=1093133200&_u=YGBAiEABBAAAAE~&z=125800253

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 316720908987052 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 13ms
12ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316720908987052?v=2.9.57&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f97f3ff8567e0af6205eb171a4d8e125e0746700f0e3a4254889ccc09d6c276f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 88921
x-xss-protection: 0
pragma: public
x-fb-debug: BTW20SmZAmbUF47JPCpq0nmcz5iR+gal7lmgu842StnrKzuwJMFsPp1K+hQvuc5nZ1tSj1JUxaYV4bM51uj4/g==
x-frame-options: DENY
date: Mon, 25 Apr 2022 01:46:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 14ms
4ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1594034790717228&ev=PageView&dl=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&rl=&if=false&ts=1650851177241&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=28&it=1650851177176&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
634 B 68ms
19ms Image
image/gif 76.13.32.146
YAHOO-BF1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2025%20Apr%202022%2001%3A46%3A17%20GMT&n=0&b=Are%20you%20Still%20a%20Republican%3F&.yp=10148631&f=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&enc=UTF-8&yv=1.12.0&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.13.32.146 Lockport, United States, ASN26101 (YAHOO-BF1, US),

Reverse DNS

spdc.pbp.vip.bf1.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 25 Apr 2022 01:46:17 GMT

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 31B1 672 B
1 KB 52ms
40ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=5e5d99b5-b962-4e97-b181-91c29951d1db

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://act.thenrcc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 672
content-type: text/html
date: Mon, 25 Apr 2022 01:46:17 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

GET
H2

200

j Show response
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1650851177253&aid=a-0769&se=e30&duid=60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0&tna=v2.3.0&pu=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtru...
https://rp4.liadm.com/j?dtstmp=1650851177253&aid=a-0769&se=e30&duid=60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0&tna=v2.3.0&pu=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtr...

13 B
552 B

48ms
11ms

XHR
application/json

34.202.82.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1650851177253&aid=a-0769&se=e30&duid=60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0&tna=v2.3.0&pu=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&wpn=lc-bundle&c=PHRpdGxlPkFyZSB5b3UgU3RpbGwgYSBSZXB1YmxpY2FuPzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwZDo1NjAwOjI0OjE0MDA6MTAxMjozNTA5OjYyZjg6Mzg0Yw%3D%3D&n3pc=true

Requested by

Protocol

Server

34.202.82.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-202-82-185.compute-1.amazonaws.com

Software

Resource Hash

efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
x-pixel-event-id: 1d55ac9d-bfdc-4201-be10-a6152fdbd9eb
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: null
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 314a89902f2084de
request-time: 0
content-length: 13
x-content-type-options: nosniff

Redirect headers

date: Mon, 25 Apr 2022 01:46:17 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-permitted-cross-domain-policies: master-only
location: https://rp4.liadm.com/j?dtstmp=1650851177253&aid=a-0769&se=e30&duid=60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0&tna=v2.3.0&pu=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&wpn=lc-bundle&c=PHRpdGxlPkFyZSB5b3UgU3RpbGwgYSBSZXB1YmxpY2FuPzwvdGl0bGU-PG1ldGEgbmFtZT0iZGVzY3JpcHRpb24iIGNvbnRlbnQ9IiI-&i6=MmEwZDo1NjAwOjI0OjE0MDA6MTAxMjozNTA5OjYyZjg6Mzg0Yw%3D%3D&n3pc=true
x-frame-options: DENY
access-control-allow-origin: https://act.thenrcc.org
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 3d2ceaa410f27387
request-time: 0
content-length: 0
x-content-type-options: nosniff

GET
H3 200 p
tr.snapchat.com/ 68 B
86 B 47ms
37ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?trackId=95870220-4dde-4e82-ab78-925a52cda697&pid=5e5d99b5-b962-4e97-b181-91c29951d1db&ev=PAGE_VIEW&pl=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&ts=1650851177275&rf=&v=1.6.0&if=false&bt=__LIVE__&intg=gtm&m_sl=825&m_rd=899&m_pi=634&m_ic=0&u_c1=c40a2179-b4d7-4fae-8de4-96d1840b2082

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
via: 1.1 google
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 2 KB
1 KB 41ms
27ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1650851177279&cv=9&fst=1650851177279&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4k0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&tiba=Are%20you%20Still%20a%20Republican%3F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eff586b3293cd1b92682cc0867ec8f993cce6c0385677fa370ffe2f2867f5c23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1143
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 23ms
5ms Font
font/woff2 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://act.thenrcc.org
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 19:34:47 GMT
x-content-type-options: nosniff
age: 367890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23236
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:18:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 20 Apr 2023 19:34:47 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/815133722/ 42 B
64 B 40ms
25ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/815133722/?random=1650851177208&cv=9&fst=1650848400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg4k0&sendb=1&frm=0&url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&tiba=Are%20you%20Still%20a%20Republican%3F&async=1&fmt=3&is_vtc=1&random=275008268&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
397 B 11ms
11ms XHR
text/plain 52.204.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=7WlXqkCbytjp_O_OKWgGWg&is_js=true&landing_url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&t=Are%20you%20Still%20a%20Republican%3F&host=https://act.thenrcc.org&sa_conv_data_css_value=%20%220-519e90d5-c65e-4c1f-60a4-a3d8cddd22df%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd9342045e75ff3470a5ee805b2e79e8a0d25788ac3
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-127-70.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 01:46:17 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://act.thenrcc.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ 94 B
397 B 23ms
12ms XHR
text/plain 52.204.127.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=7WlXqkCbytjp_O_OKWgGWg&is_js=true&landing_url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&t=Are%20you%20Still%20a%20Republican%3F&host=https://act.thenrcc.org&sa_conv_data_css_value=&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd97c4b64c9ef19472e473a5a5c5eeb8fe225788ac3
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.204.127.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-204-127-70.compute-1.amazonaws.com
Software: /
Resource Hash: 078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

Date: Mon, 25 Apr 2022 01:46:17 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://act.thenrcc.org
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 94

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 12ms
6ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316720908987052&ev=PageView&dl=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&rl=&if=false&ts=1650851177301&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=29&fbp=fb.1.1650851177300.428222556&it=1650851177176&coo=false&exp=p0&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 01:46:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Mon, 25 Apr 2022 01:46:17 GMT

POST
H2 204 /
rtclx.com/s/ 0
661 B 43ms
11ms Ping
text/plain 54.235.30.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rtclx.com/s/?p=7418
Requested by: Host: rtxpx-a.akamaihd.net
URL: https://rtxpx-a.akamaihd.net/main.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.235.30.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-235-30-242.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://act.thenrcc.org/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://act.thenrcc.org
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,X-Forwarded-For,X-Forwarded-Proto,If-Modified-Since,referer,Cache-Control,Content-Type,Range,Pragma,Accept,Accept-Encoding,Accept-Language
access-control-allow-methods: GET, POST, OPTIONS
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 31B1 20 KB
7 KB 5ms
5ms Script
application/javascript 99.84.122.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=5e5d99b5-b962-4e97-b181-91c29951d1db
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.122.245 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-122-245.ewr52.r.cloudfront.net
Software: CloudFront /
Resource Hash: cc308e76a07a70ae096c8c443bbf04154969ef4f52a4c632fc69ef233b8b5fa1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 23:49:58 GMT
content-encoding: gzip
server: CloudFront
age: 6979
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: EWR52-C3
access-control-allow-headers: Content-Type
content-length: 7163
via: 1.1 53465a830f1b7f4d109848deed6c5e84.cloudfront.net (CloudFront)
x-amz-cf-id: 2pzyjADPWpAq-djgZjtGj1Fb6KGMm8JtgDwe-TgI211aPkhQHMnzDA==

GET
H3 200 /
www.google.com/pagead/1p-user-list/815133722/ 42 B
64 B 25ms
24ms Image
image/gif 2607:f8b0:4006:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/815133722/?random=1650851177279&cv=9&fst=1650848400000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa4k0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.thenrcc.org%2Fare-you-republican-why%2F%3Frecurring%3Dtrue%26utm_campaign%3D20220424_house.100619_donthearback_segall_t1172715-573%26utm_medium%3Dsms%26utm_source%3Dhouse.100619%26utm_content%3Dsms%26sc%3Detext&tiba=Are%20you%20Still%20a%20Republican%3F&async=1&fmt=3&is_vtc=1&random=3730536227&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2004 Staten Island, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://act.thenrcc.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Apr 2022 01:46:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame C241
Redirect Chain

https://tr.snapchat.com/cm/s?bt=__LIVE__&pnid=140&cb=1650851177332
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1650802521217%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1650802521217%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1650802521217&pnid=140&pcid=ad5e81c1-361a-4985-b209-c668871d810d

0
15 B

111ms
110ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1650802521217&pnid=140&pcid=ad5e81c1-361a-4985-b209-c668871d810d

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.19.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://tr.snapchat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-transform
content-length: 0
content-type: text/html
date: Mon, 25 Apr 2022 01:46:17 GMT
server: nginx/1.19.6
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 25 Apr 2022 01:46:17 GMT
location: https://tr.snapchat.com/cm/p?rand=1650802521217&pnid=140&pcid=ad5e81c1-361a-4985-b209-c668871d810d
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
strict-transport-security: max-age=31536000
via: 1.1 google

GET
H2 200 pixel Show response
bid.g.doubleclick.net/xbbe/ Frame F802 0
434 B 61ms
29ms Document
text/html 142.251.111.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/pixel?d=KAE

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.111.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bk-in-f156.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://act.thenrcc.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 25 Apr 2022 01:46:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
act.thenrcc.org/are-you-republican-why/	1970-01-20 06:59:08	Name: ubpv Value: a%2Cd04677ef-0c2b-46bf-bde0-9e2148c1b38f
sc-static.net/scevent.min.js	1970-01-20 02:35:37	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
act.thenrcc.org/	1970-01-20 06:53:23	Name: ubvs Value: e0bc3f0a-3e07-4b5a-b903-bb9f99298399
.thenrcc.org/	1970-01-20 02:38:30	Name: ubvt Value: e0bc3f0a-3e07-4b5a-b903-bb9f99298399
.thenrcc.org/	1970-01-20 04:43:47	Name: _gcl_au Value: 1.1.1526988950.1650851177
.thenrcc.org/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .thenrcc.org
.thenrcc.org/	1970-01-20 20:05:23	Name: _lc2_fpi Value: 60ae11d30a5e--01g1f6brmxrxkqsmzsgggc40y0
tags.srv.stackadapt.com/	1970-01-20 11:19:47	Name: sa-user-id Value: s%3A0-519e90d5-c65e-4c1f-60a4-a3d8cddd22df.xQkelz%2Bakj3CwkmDVPhv0pxUGuA7%2BnT9HKh01YPaSK8
.srv.stackadapt.com/	1970-01-20 11:19:47	Name: sa-user-id-v2 Value: s%3AUZ6Q1cZeTB9gpKPYzd0i3yV4isM.iO%2BzdP4Cy%2FzXP3U91XT6AUcQuN%2B9YSDTLNoM9ics%2BRM
.thenrcc.org/	1970-01-20 20:05:23	Name: _ga Value: GA1.2.1089771783.1650851177
.thenrcc.org/	1970-01-20 02:35:37	Name: _gid Value: GA1.2.402406266.1650851177
.thenrcc.org/	1970-01-20 02:34:11	Name: _dc_gtm_UA-15267911-1 Value: 1
.akamaihd.net/	1970-01-20 11:19:47	Name: b53eedc13__ Value: 3440d73dac9f1d602854f678ec83e57ae72af0731.1650851177
.facebook.com/	1970-01-20 04:43:47	Name: fr Value: 0cgiElYblHkjqBDtJ..BiZf1p...1.0.BiZf1p.
.thenrcc.org/	1970-01-20 12:03:57	Name: _scid Value: c40a2179-b4d7-4fae-8de4-96d1840b2082
.liadm.com/	1970-01-20 20:05:23	Name: lidid Value: e958da53-7f68-41b5-9d34-9168acaefcef
.thenrcc.org/	1970-01-20 04:43:47	Name: _fbp Value: fb.1.1650851177300.428222556
.yahoo.com/	1970-01-20 11:20:08	Name: A3 Value: d=AQABBGn9ZWICEIVQXlNK5t_KR1yU73H-XQMFEgEBAQFOZ2JvYgAAAAAA_eMAAA&S=AQAAAmAYH_H8UxkuzCa0USPO1vc
.doubleclick.net/	1970-01-20 20:05:23	Name: IDE Value: AHWqTUkFJgbSKlGUb0SA8GHR1enwulyHYWK7-pDBBqwKop1L4W4fCQyZvWrddVwm
.rtclx.com/	1970-01-20 03:17:23	Name: tp_usr Value: 3440d73dac9f1d602854f678ec83e57ae72af0731
.rtclx.com/	1970-01-20 03:17:23	Name: tp_dfp Value: 7f897ed7c43911ec952e0242ac110004
.snapchat.com/	1970-01-20 11:55:47	Name: sc_at Value: v2\|H4sIAAAAAAAAAEXHyQ2AMAwEwIos+cxu6CZGSRUUDz9+MyBrhqvsPUPyXkdWs6UDTgw/STyWetkoZZnh6099AYu78PJAAAAA
.tapad.com/	1970-01-20 04:00:35	Name: TapAd_TS Value: 1650851177416
.tapad.com/	1970-01-20 04:00:35	Name: TapAd_DID Value: ad5e81c1-361a-4985-b209-c668871d810d
.tapad.com/	1970-01-20 04:00:35	Name: TapAd_3WAY_SYNCS Value:
.thenrcc.org/	1970-01-20 12:03:57	Name: _sctr Value: 1\|1650844800000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.thenrcc.org
ajax.googleapis.com
b-code.liadm.com
bid.g.doubleclick.net
builder-assets.unbounce.com
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gopwin.us
pixel.tapad.com
rp.liadm.com
rp4.liadm.com
rtclx.com
rtxpx-a.akamaihd.net
s.yimg.com
sc-static.net
sp.analytics.yahoo.com
stats.g.doubleclick.net
stickyid-a.akamaihd.net
tags.srv.stackadapt.com
tr.snapchat.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
107.178.246.49
142.250.81.226
142.251.111.156
2001:4998:14:800::1001
2001:4de0:ac18::1:a:2b
2600:141b:13::1732:35bb
2600:141b:13::1732:35c2
2600:1f18:730:b150:1cf:88dc:54d8:eec2
2600:9000:2140:9c00:8:8845:1500:93a1
2600:9000:2162:9800:1d:11cf:5800:93a1
2606:4700::6811:190e
2607:f8b0:4004:c09::9d
2607:f8b0:4006:809::200a
2607:f8b0:4006:80b::200a
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2008
2607:f8b0:4006:824::2003
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
34.202.82.185
34.205.248.193
35.174.193.205
35.186.226.184
52.204.127.70
52.72.49.79
54.235.30.242
76.13.32.146
99.84.122.245
99.84.42.7
99.84.47.189
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
086f1c868f8f769ef0039b238b415fc3c46d97e342309dc8c61cefb40868212e
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
13086b0351d37813996896899d0c98ac165fbec6f081c7e33583981c22b88ba6
15101648392c6715024efaac169941f09037c0dc41add7c0a9d186be476f8b81
1cd6e55f30592f2d07f9d038d85872e5d4fe5b079c86cadf29a3776694593d7b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
399e772c46d78bcc61654d5ba53a987d8f0441784233858d998e11941de0c2ae
40b2417cbfe7d60065acfb0e5f6a83851c606e8c13ed5ada0e2855dc307ad53c
40f487b5d43598a1e8d1e3f4802705a2af6e3643700c697e68945547ce0f509a
4902dcbc3d3c97271a66bc136ec40b0c72422ccd05bb9946aa76382e50c5d6fc
580d39a74762ab8aeffaaf73e3abc10b9fe5e52ed0eb25847908c162f93a91ff
601e57758d945949faa4ba46f8be639ed43dfb7d85d2ec628768f0ab197254b5
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
7802514279d805a825923d8ff3b2746e3fa7d4c719d791292b6f860bc2acf20d
7871c9bce59bef093b594c75cd7eed6bd572a8eb1e835e3d71a6730ddb9042a5
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
99c1cd0ea194dafb63c983d93d0d1926aeac04445e17a5537aeb17b45d5e0288
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aa4139190cb04f5caee86d605566b5247b48b429c73a2b8fa59cda391022edab
aab08e091b943437a19af2f27666e69b92bbfd1bdd8f1d859126dcc80e2e000e
b393e97b798e590ad764875c71cd8d2690123cc98694b0bc2e325a187c4778b3
b48d5b116bdbc6694747c79dfe13b463731b97d50cf128a08a2b27f1c12a8add
bdbf0bb9b89e4db6550fc67b627a228a48f5f43d2192fe2cdf1c00bc9758a5ee
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc308e76a07a70ae096c8c443bbf04154969ef4f52a4c632fc69ef233b8b5fa1
d1601d0597e91869d87b27b2d4a0da5b78a3ea0c3ecec06fd3709c8c895155f4
d612214a5a30838bea68567f6e290f31f106c1280cd05b48b3b9b1d4f0031c29
dfdeb8e8e623204543622c5c72c038d7bea1fdc65bb218a9ac80decb8ee6dc6c
e23a2a4e2d7c2b41ebcdd8ffc0679df7140eb7f52e1eebabf827a88182643c59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
eff586b3293cd1b92682cc0867ec8f993cce6c0385677fa370ffe2f2867f5c23
f7c87bb088237621f9cdc5e3b8d8a0b48c86f54f704778cb5f8630cad9f27597
f97f3ff8567e0af6205eb171a4d8e125e0746700f0e3a4254889ccc09d6c276f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

act.thenrcc.org Open in urlscan Pro 34.205.248.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

94 %HTTPS

56 %IPv6

25 Domains

32 Subdomains

30 IPs

2 Countries

874 kBTransfer

2283 kBSize

26 Cookies

0 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

act.thenrcc.org Open in urlscan Pro
34.205.248.193 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

94 %
HTTPS

56 %
IPv6

25
Domains

32
Subdomains

30
IPs

2
Countries

874 kB
Transfer

2283 kB
Size

26
Cookies

54 HTTP transactions
0 data transactions