urlscan.io logo urlscan.io
SecurityTrails logo

www.nc.gop Open in urlscan Pro
2.16.187.16  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.ncgop.org/
Effective URL: https://www.nc.gop/
Submission: On January 22 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 5 countries across 12 domains to perform 35 HTTP transactions. The main IP is 2.16.187.16, located in Ascension Island and belongs to AKAMAI-ASN1, NL. The main domain is www.nc.gop.
TLS certificate: Issued by R3 on December 28th 2020. Valid for: 3 months.
This is the only time www.nc.gop was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 184.168.131.241 26496 (AS-26496-...)
1 1 96.45.82.241 16552 (TIGGEE)
1 2 2.16.187.16 20940 (AKAMAI-ASN1)
5 65.9.76.93 16509 (AMAZON-02)
4 104.111.238.100 16625 (AKAMAI-AS)
1 65.9.73.9 16509 (AMAZON-02)
2 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
1 65.9.73.11 16509 (AMAZON-02)
1 65.9.73.36 16509 (AMAZON-02)
1 52.19.70.84 16509 (AMAZON-02)
1 2a03:2880:f12... 32934 (FACEBOOK)
35 13
1    184.168.131.241 (Scottsdale, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-184-168-131-241.ip.secureserver.net
www.ncgop.org
1    96.45.82.241 (United States)

ASN16552 (TIGGEE, US)
PTR: redirection.dnsmadeeasy.com
nc.gop
2    2.16.187.16 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-187-16.deploy.static.akamaitechnologies.com
www.nc.gop
5    65.9.76.93 (Seattle, United States)

ASN16509 (AMAZON-02, US)
d3n8a8pro7vhmx.cloudfront.net
4    104.111.238.100 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-100.deploy.static.akamaitechnologies.com
ncgop.nationbuilder.com
1    65.9.73.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
static.hotjar.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a00:1450:4001:81a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
2    2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    65.9.73.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
script.hotjar.com
1    65.9.73.36 (Seattle, United States)

ASN16509 (AMAZON-02, US)
vars.hotjar.com
1    52.19.70.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-70-84.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
5 d3n8a8pro7vhmx.cloudfront.net www.nc.gop
4 ncgop.nationbuilder.com www.nc.gop
2 connect.facebook.net www.nc.gop
connect.facebook.net
2 ssl.google-analytics.com www.nc.gop
2 apis.google.com www.nc.gop
apis.google.com
2 platform.twitter.com www.nc.gop
platform.twitter.com
2 www.nc.gop 1 redirects
1 www.facebook.com connect.facebook.net
1 in.hotjar.com script.hotjar.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.nc.gop
1 nc.gop 1 redirects
1 www.ncgop.org 1 redirects
0 ajax.googleapis.com Failed www.nc.gop
0 cdn.jsdelivr.net Failed www.nc.gop
0 fonts.googleapis.com Failed www.nc.gop
35 17
Subject Issuer Validity Valid
secure82392f0390275427e5dcff94.nationbuilder.com
R3		 2020-12-28 -
2021-03-28		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.nationbuilder.com
DigiCert SHA2 Secure Server CA		 2020-06-08 -
2021-09-07		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.apis.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-01-05 -
2021-03-30		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-12-22 -
2021-03-21		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-12-15 -
2021-03-09		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://www.nc.gop/
Frame ID: CB21AA75356DB7DC1CF14518BDDC5F4B
Requests: 33 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.nc.gop
Frame ID: FF13ABE2D370DF208C6DE8B53703E2F4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 4CA3A2457113A8762D1C44D41EBBB900
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.ncgop.org/ HTTP 301
    http://nc.gop/ HTTP 301
    http://www.nc.gop/ HTTP 301
    https://www.nc.gop/ Page URL

Detected technologies

Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 50%
Detected patterns
  • meta csrf-param /^authenticity_token$/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]+(?:\/([\d.]+)\/)?slick-theme\.css/i

Page Statistics

35
Requests

66 %
HTTPS

36 %
IPv6

12
Domains

17
Subdomains

13
IPs

5
Countries

1189 kB
Transfer

1877 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ncgop.org/ HTTP 301
    http://nc.gop/ HTTP 301
    http://www.nc.gop/ HTTP 301
    https://www.nc.gop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

35 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
www.nc.gop/
Redirect Chain
  • http://www.ncgop.org/
  • http://nc.gop/
  • http://www.nc.gop/
  • https://www.nc.gop/
81 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nc.gop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.187.16 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-187-16.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8cfb231c3d06315f17ab69dae67a65cca1d77b2031652c56746354b5877801ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Host
www.nc.gop
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Request-Method
GET, POST, PUT, DELETE
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
ETag
W/"c6e5854988d4d860c956c9cdc2713c09-gzip"
Server
Apache
status
200 OK
Vary
Accept-Encoding
x-content-digest
5b3fee580fbd60543551c2a91d125eba664f4e17
x-content-type-options
nosniff
x-frame-options
ALLOWALL
x-middleware-start
t=1611273614125092
x-nationbuilder
true
x-nb-cached-page
yes
x-rack-cache
stale, invalid, ignore, store
x-request-id
04d445b5-f3f4-4990-8311-746f3c5509ea
x-runtime
0.117750
x-served-by
app13
Content-Length
19416
Expires
Fri, 22 Jan 2021 00:00:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 22 Jan 2021 00:00:14 GMT
Connection
keep-alive
Set-Cookie
_nbuild_token=9V59CWtw0Z9cvVbBPelwY0CY7XPI9cWcb2ipfDKFXdU%3D; path=/; HttpOnly
Use-Proxy
True

Redirect headers

Content-Type
text/html
Location
https://www.nc.gop/
Server
Apache
status
301 Moved Permanently
x-middleware-start
t=1611273613641443
x-nationbuilder
true
x-nb-code
1011
x-rack-cache
miss
x-request-id
7f34fcc2-2cac-48ad-812e-84c7fb20ff56
x-runtime
0.041432
x-served-by
app10
Content-Length
0
Expires
Fri, 22 Jan 2021 00:00:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 22 Jan 2021 00:00:13 GMT
Connection
keep-alive
Use-Proxy
True
css
fonts.googleapis.com/ 		0
0
remodal.css
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
remodal-default-theme.css
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
selectric.css
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
magnific-popup.css
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
slick.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		0
0
slick-theme.css
cdn.jsdelivr.net/jquery.slick/1.6.0/ 		0
0
theme.scss
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/ 		0
0
main-b6b79875c1f8f028bef19fba03c9f57f317488bd3a8f4821c1e3afde564a0db2.js
d3n8a8pro7vhmx.cloudfront.net/assets/liquid/ 		0
0
jquery.ui.effect.min.js
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
jquery.ui.effect-slide.min.js
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		0
0
ncgop-logo-new.png
d3n8a8pro7vhmx.cloudfront.net/ncgop/sites/21/meta_images/original/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/ncgop/sites/21/meta_images/original/ncgop-logo-new.png?1589336071
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f0b24e170ab93e93c9e80712810926a3a83414e4e4174ac710079ac0910e921d

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 21 Jan 2021 15:41:24 GMT
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
last-modified
Wed, 13 May 2020 02:14:32 GMT
server
AmazonS3
age
29931
etag
"074ea3e685978ed86f41eea3d46ff52f"
x-cache
Hit from cloudfront
x-amz-version-id
null
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
image/png
content-length
25588
x-amz-cf-id
vQm2ozp8g5QOKM_W33cmfH3bWunYfDPaizlZyIoGD4GQsP6hWUBy-Q==
liquid-004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8.js
d3n8a8pro7vhmx.cloudfront.net/assets/ 		77 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/assets/liquid-004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 09 Dec 2020 01:20:30 GMT
content-encoding
gzip
age
3796785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30328
last-modified
Tue, 02 Apr 2019 14:02:02 GMT
server
AmazonS3
etag
"12414d69825fa2aeb0a3f495db80acb6"
x-amz-version-id
null
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
cache-control
public, max-age=31557600
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-type
application/ecmascript
x-amz-cf-id
I9DxY69TpQOaVUFjySQdrWZzyruxLfmks5h1JBDoA0lsP-lnc3uYng==
expires
Wed, 01 Apr 2020 20:02:01 GMT
bootstrap.js
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		65 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/bootstrap.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.100 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

use-proxy
True
date
Fri, 22 Jan 2021 00:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-middleware-start
t=1606774115637822
content-length
13493
x-request-id
4be2ab7d-8814-492d-a166-fa78c214c5e3
x-served-by
app12
x-runtime
0.033791
x-content-digest
56444859edd76300f8d6e734de0ba8af21539070
server
Apache
x-frame-options
ALLOWALL
etag
W/"bc4a90e5c0f890d1f8668b26236db8f1"
vary
Accept-Encoding
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-nationbuilder
true
x-rack-cache
fresh
expires
Fri, 22 Jan 2021 00:00:14 GMT
_nm-scripts.js
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		93 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/_nm-scripts.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.100 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
eaf396ba696a312b7254319be849a4003a0c44874555fe4096bca889ec13dcde
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

use-proxy
True
date
Fri, 22 Jan 2021 00:00:14 GMT
x-content-type-options
nosniff
status
200 OK
x-middleware-start
t=1606774120911114
content-length
95242
x-request-id
f9b16f99-7931-40e4-bda0-edf3d906cbea
x-served-by
app12
x-runtime
0.025531
x-content-digest
9a2467b0d598350f0ac28b16a27ac13e62652287
server
Apache
etag
W/"eaf396ba696a312b7254319be849a400"
x-frame-options
ALLOWALL
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-nationbuilder
true
x-rack-cache
fresh
expires
Fri, 22 Jan 2021 00:00:14 GMT
remodal.min.js
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/remodal.min.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.100 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

use-proxy
True
date
Fri, 22 Jan 2021 00:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-middleware-start
t=1606774124700002
content-length
2670
x-request-id
6ca0cbfa-47dd-480c-8b5d-1e4e2f466dc6
x-served-by
app10
x-runtime
0.052110
x-content-digest
84ce6b3f9b2de38a68253c6b8fdee77273b00962
server
Apache
x-frame-options
ALLOWALL
etag
W/"c21ea2a0ec1a9c48686c58d481b308e2"
vary
Accept-Encoding
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-nationbuilder
true
x-rack-cache
fresh
expires
Fri, 22 Jan 2021 00:00:14 GMT
jquery.magnific-popup.min.js
ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/jquery.magnific-popup.min.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.238.100 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-238-100.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
666ea8fccc6357315c19049cba0ee7b821e5898d5b0d7d2273c03196e664cef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

use-proxy
True
date
Fri, 22 Jan 2021 00:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-middleware-start
t=1606774125938879
content-length
7356
x-request-id
b3376cf6-9980-4db0-9478-d0c1575c2abb
x-served-by
app14
x-runtime
0.027018
x-content-digest
9e524854b53bfc43171ec8283ba0dd2b300893af
server
Apache
x-frame-options
ALLOWALL
etag
W/"666ea8fccc6357315c19049cba0ee7b8"
vary
Accept-Encoding
content-type
text/javascript
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
x-nationbuilder
true
x-rack-cache
fresh
expires
Fri, 22 Jan 2021 00:00:14 GMT
hotjar-1834201.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1834201.js?sv=6
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cfcb2ebfc9415afc56f577df13547babeedc05af48b8b623a9db7df92d021c73
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 00:00:14 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
AMS1-C1
etag
W/f70a1c6b818decbc27c959d87617439b
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
x-cache-hit
1
content-length
1529
via
1.1 0f65f9aac16e53eeb77d85b7c23a21c2.cloudfront.net (CloudFront)
x-amz-cf-id
EJOi-nrQ0JPWSHl8EYK2qU-8horF2P1JVnJm8sL4ZJgWrQM3uCqorA==
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B89) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Fri, 22 Jan 2021 00:00:14 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
565
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28698
x-tw-cdn
VZ
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (amb/6B89)
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
plusone.js
apis.google.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
90364f9e89de88e01f85441ad4f682cef06a7d643a338d423019076a403b32f0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WQTctGhI2pcOoZdwbS5cBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 22 Jan 2021 00:00:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"ce489fde74c25a877295fbc1287705bd"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-WQTctGhI2pcOoZdwbS5cBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Fri, 22 Jan 2021 00:00:14 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
6102
date
Thu, 21 Jan 2021 22:18:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Fri, 22 Jan 2021 00:18:32 GMT
ncgop-mountains.jpg
d3n8a8pro7vhmx.cloudfront.net/ncgop/pages/4308/features/original/ 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/ncgop/pages/4308/features/original/ncgop-mountains.jpg?1589336074
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bc110184648e986e0d5ebf9af9a5dff7023b400d2c3c43e5abf6dd2915c8314d

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
etag
"c33375cb64770db54e95738207811c88"
last-modified
Wed, 13 May 2020 02:14:36 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Fri, 22 Jan 2021 00:00:16 GMT
accept-ranges
bytes
content-length
280824
x-amz-cf-id
uUuIifpwezEFRyUBcgGM8QwVLeI3UJRV4qEuvQRnj8UF4TwSIyjhxg==
piedmont-prairies.jpg
d3n8a8pro7vhmx.cloudfront.net/ncgop/pages/4342/features/original/ 		179 KB
180 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/ncgop/pages/4342/features/original/piedmont-prairies.jpg?1589493306
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
314736d3d74a89441497476d5df3696b397ff602d04c65d69cfef510c8f2581b

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
etag
"52f937e9d17ad673085f5a484f1a0f12"
last-modified
Thu, 14 May 2020 21:55:08 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Fri, 22 Jan 2021 00:00:16 GMT
accept-ranges
bytes
content-length
183447
x-amz-cf-id
WRiXmQmYsSM7HMYiuh-AP7_XmnJyVcwfq-DSpSt3wLbd2l8IC6Yxvw==
ncgop-beach.jpg
d3n8a8pro7vhmx.cloudfront.net/ncgop/pages/4307/features/original/ 		303 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3n8a8pro7vhmx.cloudfront.net/ncgop/pages/4307/features/original/ncgop-beach.jpg?1589336073
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.76.93 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8870cd807e916eca6de2d04b289f7395e54b849db0a6cf5f1aef99e3d46f21d7

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
null
via
1.1 8e380527758859f940c2c93ed9fbd5d8.cloudfront.net (CloudFront)
etag
"b449363a7e06911ae64c8167fa6e907b"
last-modified
Wed, 13 May 2020 02:14:34 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-C1
x-amz-server-side-encryption
AES256
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
date
Fri, 22 Jan 2021 00:00:16 GMT
accept-ranges
bytes
content-length
310219
x-amz-cf-id
xzeJEECS501G3zybxxsW9GCd7Dc1I0VxEsDYeiB5Hkq52MoNZ8WfkQ==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
148732fe69f1a1ce40720bb7ebb1fd50619d910d996d21f79086bf07f5b123f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
0ENQYchx13QzdjcieIBVQA==
cross-origin-resource-policy
cross-origin
expires
Fri, 22 Jan 2021 00:06:51 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
x-fb-rlafr
0
x-fb-debug
d+QdGUZgB/oF1NnmtdyCzHP7/+Fv214uwk9i+oZ+REk2xJf62omUz0LJcj0ty3kCXcY9GjsBKCExPEMGmNoMWA==
x-fb-trip-id
2050670934
x-fb-content-md5
6e527253117122701f6d250a00cce796
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 22 Jan 2021 00:00:14 GMT
x-frame-options
DENY
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"16bcfc5ee903c563f289273881a6878b"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
__utm.gif
ssl.google-analytics.com/r/ 		35 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=811755153&utmhn=www.nc.gop&utme=8(Page%20type)9(Basic)&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=North%20Carolina%20Republican%20Party&utmhid=704091914&utmr=-&utmp=%2F&utmht=1611273615114&utmac=UA-152599687-2&utmcc=__utma%3D1.1009609586.1611273615.1611273615.1611273615.1%3B%2B__utmz%3D1.1611273615.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&aip=1&utmjid=1359531408&utmredir=1&utmu=qxQAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: www.nc.gop
URL: https://www.nc.gop/
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 22 Jan 2021 00:00:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.6bed46e8e2dd9fe4f61e.js
script.hotjar.com/ 		222 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.6bed46e8e2dd9fe4f61e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1834201.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b2c44869f7830d1bbc5d51eb53b00cd6ecf9174fe66b06dfb87234f3c1b06882
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 21 Jan 2021 15:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
32098
x-cache
Hit from cloudfront
content-length
59731
access-control-allow-origin
*
last-modified
Thu, 21 Jan 2021 15:04:22 GMT
etag
"764fbc4b82cec085beefe5d83c046a9d"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 5e828cc6ff056cb59ec35c3467ec45f5.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
-gjPmFcicpnzz42YLqFM2U2smY74S8a7azxpgyKrTEw34QScWLmPsg==
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/ 		138 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.SnHyU412DY0.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCObTkZu7kqIvAlB0bY4g3IzlKIb5g/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e51f1f53f9449e241d46c551d63b14e91cb113480b04fd4e0e49d3b8c96505e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 18 Jan 2021 20:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2020 23:44:49 GMT
server
sffe
age
273044
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49563
x-xss-protection
0
expires
Tue, 18 Jan 2022 20:09:31 GMT
sdk.js
connect.facebook.net/en_US/ 		196 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=a0a113dc1d7af4327b5999014749885d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e820b80d956e9dd121d0dfa47859f17bebb71fe52309a64814535e2842df1e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.nc.gop
Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
XgfXXtSCNVc3OrNlQKNqOw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
60427
x-fb-rlafr
0
x-fb-debug
JewJU2s76Ijyf9VCIa3PCXVvKzGgK9AC8YQUEWqdiRRdANZvMWOMA4bLKzXaGixYx/ztJtej6y9gQ2E1c2v6hw==
x-fb-trip-id
917726464
x-fb-content-md5
a05a113bed63c9a3ecf002578542c899
x-frame-options
DENY
date
Fri, 22 Jan 2021 00:00:15 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"af2015f516af403a0a6428e30ea2bb59"
timing-allow-origin
*
expires
Fri, 21 Jan 2022 20:32:04 GMT
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame FF13 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fwww.nc.gop
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B81) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nc.gop/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nc.gop/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
2953436
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 22 Jan 2021 00:00:15 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6B81)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 4CA3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1834201.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.36 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nc.gop/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.nc.gop/

Response headers

content-type
text/html
content-length
851
date
Sat, 28 Nov 2020 11:53:24 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
last-modified
Fri, 27 Nov 2020 18:15:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
H4MXvPC7DaLxPH0ZmEkce5X5G-FODKgaknu3b4C8zq764AHx2I1Wqg==
age
4709211
visit-data
in.hotjar.com/api/v2/client/sites/1834201/ 		152 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1834201/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.6bed46e8e2dd9fe4f61e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.70.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-70-84.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 22 Jan 2021 00:00:15 GMT
content-encoding
br
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/json
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=126739610711965&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.nc.gop%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=a0a113dc1d7af4327b5999014749885d&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nc.gop/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
B0SadWL2ZkKucDKBvNDYEVa9DT0SYYe/s6SMOcriqdI7UJxWBOG0ipsZT/Yz4IjJXs6F5JcZGu2uipsxrdl/qQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Fri, 22 Jan 2021 00:00:15 GMT
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.nc.gop
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Oswald:300,400,500,600,700&display=swap
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/remodal.css
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/remodal-default-theme.css
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/selectric.css
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/magnific-popup.css
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick.css
Domain
cdn.jsdelivr.net
URL
https://cdn.jsdelivr.net/jquery.slick/1.6.0/slick-theme.css
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/theme.scss
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.0/themes/cupertino/jquery-ui.css
Domain
d3n8a8pro7vhmx.cloudfront.net
URL
https://d3n8a8pro7vhmx.cloudfront.net/assets/liquid/main-b6b79875c1f8f028bef19fba03c9f57f317488bd3a8f4821c1e3afde564a0db2.js
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/jquery.ui.effect.min.js
Domain
ncgop.nationbuilder.com
URL
https://ncgop.nationbuilder.com/themes/21/5ebdc70dc294805b1cfbd7f2/0/attachments/15894958021606771053/default/jquery.ui.effect-slide.min.js

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| hj object| _hjSettings number| _sf_startpt object| NB string| _auth_token_name string| _auth_token object| twttr object| _gaq function| fbAsyncInit object| $j undefined| GeoMap function| _ undefined| $lateral_menu_trigger undefined| $content_wrapper undefined| $navigation object| REMODAL_GLOBALS undefined| referrer_origin undefined| xhttp undefined| params object| _gat object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| gapi object| ___jsl object| FB object| __twttrll object| __twttr object| gadgets object| osapi object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

0 Cookies

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
apis.google.com
cdn.jsdelivr.net
connect.facebook.net
d3n8a8pro7vhmx.cloudfront.net
fonts.googleapis.com
in.hotjar.com
nc.gop
ncgop.nationbuilder.com
platform.twitter.com
script.hotjar.com
ssl.google-analytics.com
static.hotjar.com
vars.hotjar.com
www.facebook.com
www.nc.gop
www.ncgop.org
ajax.googleapis.com
cdn.jsdelivr.net
d3n8a8pro7vhmx.cloudfront.net
fonts.googleapis.com
ncgop.nationbuilder.com
104.111.238.100
184.168.131.241
2.16.187.16
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:814::2008
2a00:1450:4001:81a::200e
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
52.19.70.84
65.9.73.11
65.9.73.36
65.9.73.9
65.9.76.93
96.45.82.241
004c65a942f8804fb75f8613bf1dea7e8bf2e9e00227caa99c2b4c576751a3a8
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
148732fe69f1a1ce40720bb7ebb1fd50619d910d996d21f79086bf07f5b123f2
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
314736d3d74a89441497476d5df3696b397ff602d04c65d69cfef510c8f2581b
3e51f1f53f9449e241d46c551d63b14e91cb113480b04fd4e0e49d3b8c96505e
666ea8fccc6357315c19049cba0ee7b821e5898d5b0d7d2273c03196e664cef8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8870cd807e916eca6de2d04b289f7395e54b849db0a6cf5f1aef99e3d46f21d7
8cfb231c3d06315f17ab69dae67a65cca1d77b2031652c56746354b5877801ac
90364f9e89de88e01f85441ad4f682cef06a7d643a338d423019076a403b32f0
b2c44869f7830d1bbc5d51eb53b00cd6ecf9174fe66b06dfb87234f3c1b06882
bc110184648e986e0d5ebf9af9a5dff7023b400d2c3c43e5abf6dd2915c8314d
bc4a90e5c0f890d1f8668b26236db8f1d35448714f9812270008613d7b0ad0d2
c21ea2a0ec1a9c48686c58d481b308e247fa9f747d2208099ce598ef823e555c
c4dc799d09b15e57ee98e3c3866ca16f53354cb79838d3aa6c9c961292151858
cfcb2ebfc9415afc56f577df13547babeedc05af48b8b623a9db7df92d021c73
e820b80d956e9dd121d0dfa47859f17bebb71fe52309a64814535e2842df1e57
eaf396ba696a312b7254319be849a4003a0c44874555fe4096bca889ec13dcde
f0b24e170ab93e93c9e80712810926a3a83414e4e4174ac710079ac0910e921d