urlscan.io logo urlscan.io
SecurityTrails logo

secure.nrsc.org Open in urlscan Pro
52.4.130.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paracom.paramountcommunication.com/ct/47619085:sy7uHeVhN:m:1:2021889386:3AFCC9DA99E874E0CE0A53A0E35FE277:r
Effective URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_c...
Submission: On May 10 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 2 countries across 22 domains to perform 64 HTTP transactions. The main IP is 52.4.130.200, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is secure.nrsc.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 3rd 2018. Valid for: 3 months.
This is the only time secure.nrsc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.71.200.178 16509 (AMAZON-02)
13 52.4.130.200 14618 (AMAZON-AES)
3 172.227.115.186 20940 (AKAMAI-ASN1)
3 199.96.57.6 13414 (TWITTER)
1 172.217.21.234 15169 (GOOGLE)
6 13.32.222.141 16509 (AMAZON-02)
4 23.111.9.35 54104 (AS-STACKPATH)
2 172.217.21.232 15169 (GOOGLE)
6 157.240.20.19 32934 (FACEBOOK)
7 157.240.20.35 32934 (FACEBOOK)
1 172.217.21.194 15169 (GOOGLE)
1 104.244.43.112 13414 (TWITTER)
2 204.79.197.200 8068 (MICROSOFT...)
1 13.32.222.127 16509 (AMAZON-02)
1 3 162.243.245.192 14061 (DIGITALOC...)
1 104.244.42.133 13414 (TWITTER)
1 216.58.205.226 15169 (GOOGLE)
1 2 172.217.21.228 15169 (GOOGLE)
2 172.217.23.131 15169 (GOOGLE)
1 1 104.244.42.136 13414 (TWITTER)
3 3 185.33.223.215 29990 (ASN-APPNEXUS)
1 52.216.132.29 16509 (AMAZON-02)
2 3 172.217.18.174 15169 (GOOGLE)
1 2 74.125.206.157 15169 (GOOGLE)
1 3 52.205.214.62 14618 (AMAZON-AES)
1 104.244.42.195 13414 (TWITTER)
1 52.21.161.113 14618 (AMAZON-AES)
64 24
1    54.71.200.178 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-71-200-178.us-west-2.compute.amazonaws.com
paracom.paramountcommunication.com
13    52.4.130.200 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-4-130-200.compute-1.amazonaws.com
secure.nrsc.org
3    172.227.115.186 (Cambridge, United States)

ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-115-186.deploy.static.akamaitechnologies.com
use.typekit.net
p.typekit.net
3    199.96.57.6 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
platform.twitter.com
1    172.217.21.234 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f10.1e100.net
fonts.googleapis.com
6    13.32.222.141 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-141.fra56.r.cloudfront.net
secure.victorypassport.com
4    23.111.9.35 (Phoenix, United States)

ASN54104 (AS-STACKPATH - netDNA, US)
use.fontawesome.com
2    172.217.21.232 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f232.1e100.net
www.googletagmanager.com
6    157.240.20.19 (Menlo Park, United States)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net
staticxx.facebook.com
7    157.240.20.35 (Menlo Park, United States)

ASN32934 (FACEBOOK - Facebook, Inc., US)
PTR: edge-star-mini-shv-02-frt3.facebook.com
www.facebook.com
1    172.217.21.194 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s12-in-f194.1e100.net
www.googleadservices.com
1    104.244.43.112 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
static.ads-twitter.com
2    204.79.197.200 (Redmond, United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: a-0001.a-msedge.net
bat.bing.com
1    13.32.222.127 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-222-127.fra56.r.cloudfront.net
b-code.liadm.com
3    162.243.245.192 (New York, United States)

ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US)
getrockerbox.com
1    104.244.42.133 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    216.58.205.226 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f2.1e100.net
googleads.g.doubleclick.net
2    172.217.21.228 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s13-in-f228.1e100.net
www.google.com
2    172.217.23.131 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f3.1e100.net
www.google.de
1    104.244.42.136 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
syndication.twitter.com
3    185.33.223.215 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
secure.adnxs.com
1    52.216.132.29 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
s3.amazonaws.com
3    172.217.18.174 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s29-in-f14.1e100.net
www.google-analytics.com
2    74.125.206.157 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: wk-in-f157.1e100.net
stats.g.doubleclick.net
3    52.205.214.62 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-205-214-62.compute-1.amazonaws.com
lcidc.liadm.com
1    104.244.42.195 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
1    52.21.161.113 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-161-113.compute-1.amazonaws.com
c.liadm.com
Domain Requested by
13 secure.nrsc.org secure.nrsc.org
7 www.facebook.com secure.nrsc.org
6 secure.victorypassport.com secure.nrsc.org
secure.victorypassport.com
5 connect.facebook.net secure.nrsc.org
connect.facebook.net
4 use.fontawesome.com secure.nrsc.org
use.fontawesome.com
3 lcidc.liadm.com 1 redirects
3 www.google-analytics.com 2 redirects secure.victorypassport.com
3 secure.adnxs.com 3 redirects
3 getrockerbox.com 1 redirects secure.nrsc.org
3 platform.twitter.com secure.nrsc.org
platform.twitter.com
2 stats.g.doubleclick.net 1 redirects secure.nrsc.org
2 www.google.de secure.nrsc.org
2 www.google.com 1 redirects secure.nrsc.org
2 bat.bing.com www.googletagmanager.com
secure.nrsc.org
2 www.googletagmanager.com secure.nrsc.org
secure.victorypassport.com
2 use.typekit.net secure.nrsc.org
use.typekit.net
1 c.liadm.com
1 analytics.twitter.com static.ads-twitter.com
1 s3.amazonaws.com secure.nrsc.org
1 syndication.twitter.com 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 t.co secure.nrsc.org
1 staticxx.facebook.com connect.facebook.net
1 p.typekit.net secure.nrsc.org
1 b-code.liadm.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 fonts.googleapis.com secure.nrsc.org
1 paracom.paramountcommunication.com 1 redirects
64 29

This site contains links to these domains. Also see Links.

Domain
www.nrsc.org
Subject Issuer Validity Valid
secure.nrsc.org
Let's Encrypt Authority X3		 2018-05-03 -
2018-08-01		 3 months crt.sh
*.victorypassport.com
Amazon		 2018-01-10 -
2019-02-10		 a year crt.sh
platform.twitter.com
DigiCert SHA2 High Assurance Server CA		 2017-04-04 -
2018-05-25		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2017-12-15 -
2019-03-22		 a year crt.sh

This page contains 5 frames:

Primary Page: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Frame ID: 4414583A07E98ADCDEC0E876769D76D0
Requests: 60 HTTP requests in this frame

Frame: https://secure.victorypassport.com/pages/nrsc/white-house-pocket-t-shirt-blue
Frame ID: 8B7AD536D3C12E73627784315DA01941
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.d383dc1d510865aceaa5e552afcf5663.html?origin=https%3A%2F%2Fsecure.nrsc.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: C2E6789BCABAC007F84EB4AA5992513A
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/RQ7NiRXMcYA.js?version=42
Frame ID: 7E96FD4AA13E72190F98B3773012BDC3
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: F0F1100C428B129CCE9D761379AF96EB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paracom.paramountcommunication.com/ct/47619085:sy7uHeVhN:m:1:2021889386:3AFCC9DA99E874E0CE0A53A0E35FE277:r HTTP 302
    https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&ut... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
  • script /\/wp-includes\//i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Mustache$/i
Overall confidence: 100%
Detected patterns
  • env /^Vue$/i
Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • env /^Hammer$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i
Overall confidence: 100%
Detected patterns
  • env /^twemoji$/i
Overall confidence: 100%
Detected patterns
  • env /^Typekit$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

64
Requests

27 %
HTTPS

0 %
IPv6

22
Domains

29
Subdomains

24
IPs

2
Countries

634 kB
Transfer

1696 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paracom.paramountcommunication.com/ct/47619085:sy7uHeVhN:m:1:2021889386:3AFCC9DA99E874E0CE0A53A0E35FE277:r HTTP 302
    https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://syndication.twitter.com/i/jot HTTP 302
  • https://platform.twitter.com/jot.html
Request Chain 46
  • https://getrockerbox.com/pixel.gif?action=view&source=nrsc&rb_source=nrsc&an_seg=11304236&type=imp HTTP 302
  • https://secure.adnxs.com/getuid?%2fseg%3fadd%3d11304236%26redir%3dhttps%253a%252f%252fgetrockerbox.com%252fpixel.gif%253fadnxs_uid%253d$UID%2526action%253dview%2526source%253dnrsc%2526rb_source%253dnrsc%2526an_seg%253d11304236%2526type%253dimp HTTP 302
  • https://secure.adnxs.com/bounce?%2Fgetuid%3F%252fseg%253fadd%253d11304236%2526redir%253dhttps%25253a%25252f%25252fgetrockerbox.com%25252fpixel.gif%25253fadnxs_uid%25253d%24UID%252526action%25253dview%252526source%25253dnrsc%252526rb_source%25253dnrsc%252526an_seg%25253d11304236%252526type%25253dimp HTTP 302
  • https://secure.adnxs.com/seg?add=11304236&redir=https%3a%2f%2fgetrockerbox.com%2fpixel.gif%3fadnxs_uid%3d5608271319262963746%26action%3dview%26source%3dnrsc%26rb_source%3dnrsc%26an_seg%3d11304236%26type%3dimp HTTP 302
  • https://getrockerbox.com/pixel.gif?adnxs_uid=5608271319262963746&action=view&source=nrsc&rb_source=nrsc&an_seg=11304236&type=imp
Request Chain 50
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=431579746&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&ul=en-us&de=UTF-8&dt=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1757036068&gjid=774962500&cid=502845438.1525989222&tid=UA-23419263-1&_gid=548380018.1525989222&_r=1&z=1299062476 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_gid=548380018.1525989222&gjid=774962500&_v=j67&z=1299062476 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_v=j67&z=1299062476 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_v=j67&z=1299062476&slf_rd=1&random=4000118657
Request Chain 52
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=431579746&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&ul=en-us&de=UTF-8&dt=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=423648413&gjid=503027916&cid=502845438.1525989222&tid=UA-23419263-11&_gid=548380018.1525989222&_r=1&gtm=G4r5WDLTFM&z=1332030777 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=502845438.1525989222&jid=423648413&_gid=548380018.1525989222&gjid=503027916&_v=j67&z=1332030777
Request Chain 59
  • https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4 HTTP 302
  • https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4&n3pc=true

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.nrsc.org/donation_page/white-house-pocket-t-shirt/
Redirect Chain
  • http://paracom.paramountcommunication.com/ct/47619085:sy7uHeVhN:m:1:2021889386:3AFCC9DA99E874E0CE0A53A0E35FE277:r
  • https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_co...
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
63330db1a970f35394ee59e34b8475d5cedfafab17b7f67a2a094c478fd2aa96

Request headers

:method
GET
:authority
secure.nrsc.org
:scheme
https
:path
/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4414583A07E98ADCDEC0E876769D76D0

Response headers

status
200
server
nginx
date
Thu, 10 May 2018 21:53:40 GMT
content-type
text/html; charset=UTF-8
content-length
5191
link
<https://www.nrsc.org/?p=4306>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip
wpe-backend
apache
x-type
nocachearg

Redirect headers

Date
Thu, 10 May 2018 21:53:39 GMT
Content-Type
text/html; charset=utf-8
Content-Length
308
Connection
keep-alive
Set-Cookie
AWSALB=N4VHfybyXpU2L4iwp676FP4/xWAw6Hd2nwd8FpmnhGK7GhtjRq3d0uFYAzB+Ogm6ocnTUyf8KCMHezSzLsrf7zmhVmyX8AHjQJ9eVp+wF3VOtNU0pApfwmDSRCtD; Expires=Thu, 17 May 2018 21:53:39 GMT; Path=/
Server
Apache
Vary
X-Forwarded-Proto,Accept-Encoding
Cache-Control
no-cache
Pragma
no-cache
Location
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Content-Encoding
gzip
nnp5tpv.js
use.typekit.net/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/nnp5tpv.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.227.115.186 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-115-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
91e072c6c6ffa097a7b56288184b067ba3f3b6723fd19331deb99613999b395e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
status
200, 200 OK
date
Thu, 10 May 2018 21:53:40 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7433
widgets.js
platform.twitter.com/ 		123 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
e35e107c1e3d4ec87c9db64ce2f49381949ebc94b2356448140b4b2c3c4f661f

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
age
1153
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
36338
x-served-by
cache-tw-fra1-cr1-14-TWFRA1
last-modified
Mon, 07 May 2018 22:01:37 GMT
x-timer
S1525989220.493475,VS0,VE0
etag
"032b36172a4167c76faf336a933991e6+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
public, max-age=1800
accept-ranges
bytes
css
fonts.googleapis.com/ 		697 B
354 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Volkhov%3A400%2C400i%2C700&ver=4.9.4
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.217.21.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f10.1e100.net
Software
ESF /
Resource Hash
3c167e697c59f7167404e965fd2e59fa8cedc82b998d0257b48b25ab987e045b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 10 May 2018 21:53:40 GMT
jigsaw.css
secure.victorypassport.com/styles/ 		789 B
912 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/styles/jigsaw.css
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
13.32.222.141 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-141.fra56.r.cloudfront.net
Software
nginx/1.12.1 + Phusion Passenger 5.1.12 / Phusion Passenger 5.1.12
Resource Hash
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.1.12
x-cache
Miss from cloudfront
status
200, 200 OK
content-length
406
x-xss-protection
1; mode=block
x-request-id
a3453f36-c698-49d8-9004-1e8010aa50c2
x-runtime
0.007733
server
nginx/1.12.1 + Phusion Passenger 5.1.12
etag
W/"1d4241902701f5e95c12b5436961a139"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
Aj8O8jRSFPezEksXVt_E8S0N3WGGAJQJF9EzWjUm4ATMU3fS0tuOFQ==
style.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ 		101 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1525208470
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0788630c2d727169ba2ed379a7ce6dbdaa5ef6f4b3380bc0a665fde7ad26035e

Request headers

:path
/wp-content/themes/nrsc/assets/css/style.css?ver=1525208470
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Tue, 01 May 2018 21:01:10 GMT
server
nginx
status
200
etag
W/"5ae8d596-1941f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
9b6261cc3e.js
use.fontawesome.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/9b6261cc3e.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
23.111.9.35 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
4d22f87893242016b19d07844de2a7b857faab225a744be22fb5e7aa58b22f65

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2017 19:42:52 GMT
server
NetDNA-cache/2.2
x-amz-request-id
6AF8A760FA1ECB75
etag
W/"d4bc36675502609b9023481c471314e6"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
SEafAnoZZcMzhZC9QZfympOqgtx/B/Hxs3Ot2xXoHrZVzvNjrGsuNQSdCrVdXhOR9dIegoVuiQU=
jquery.js
secure.nrsc.org/wp-includes/js/jquery/ 		95 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e

Request headers

:path
/wp-includes/js/jquery/jquery.js?ver=1.12.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Mon, 23 May 2016 09:00:29 GMT
server
nginx
status
200
etag
W/"5742c6ad-17ba0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
jquery-migrate.min.js
secure.nrsc.org/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
nginx
status
200
etag
W/"573eaa90-2748"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
utilities.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ 		112 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/utilities.css?v=11
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a8d69e9d82be43b935b8ac736e26b669517f55e1224b38dab2dc864ef4ae49fe

Request headers

:path
/wp-content/themes/nrsc/assets/css/utilities.css?v=11
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Tue, 01 May 2018 21:01:10 GMT
server
nginx
status
200
etag
W/"5ae8d596-1c1c0"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
jigsaw
secure.victorypassport.com/scripts/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/scripts/jigsaw
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
13.32.222.141 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-141.fra56.r.cloudfront.net
Software
nginx/1.12.1 + Phusion Passenger 5.1.12 / Phusion Passenger 5.1.12
Resource Hash
391d3e9a71c48505c745027248f3f353f64f519ae6ba0fc4198d80ffbefe8706
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.1.12
x-cache
Miss from cloudfront
status
200, 200 OK
content-length
746
x-xss-protection
1; mode=block
x-request-id
0df06d38-1cf2-4c2b-b1d7-a9118ef29f7c
x-runtime
0.008618
server
nginx/1.12.1 + Phusion Passenger 5.1.12
x-frame-options
SAMEORIGIN
etag
W/"50e7fd431a0b042760da091ef1c81909"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
via
1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
EhDbbkbGZGwRK-7liTuMNyibwVsohXyJUz1rYr7iAGPOvwhJ_mZmJA==
cp
CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
slidebars.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/slidebars.min.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
afcb1f6c5b300318111c91317309f5cd4e621638628db4aa5beefd622ca8be10

Request headers

:path
/wp-content/themes/nrsc/assets/js/slidebars.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Fri, 20 Apr 2018 19:00:31 GMT
server
nginx
status
200
etag
W/"5ada38cf-d46"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
backstretch.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/backstretch.min.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
85990e35a1bd9710094c42c86b371a1cb549c880a191aa795b1d6ceb43de8618

Request headers

:path
/wp-content/themes/nrsc/assets/js/backstretch.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Fri, 20 Apr 2018 19:00:31 GMT
server
nginx
status
200
etag
W/"5ada38cf-444c"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
jquery.matchHeight.min.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/jquery.matchHeight.min.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

:path
/wp-content/themes/nrsc/assets/js/jquery.matchHeight.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Fri, 20 Apr 2018 19:00:31 GMT
server
nginx
status
200
etag
W/"5ada38cf-d34"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
scripts.js
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 		228 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/scripts.js?ver=1524597741
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a41a46d9c804270abd3d67108682ae421e101c4f3c325d6b105d4d3e4d0b1d55

Request headers

:path
/wp-content/themes/nrsc/assets/js/scripts.js?ver=1524597741
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Tue, 24 Apr 2018 19:22:21 GMT
server
nginx
status
200
etag
W/"5adf83ed-38ff2"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
wp-embed.min.js
secure.nrsc.org/wp-includes/js/ 		1 KB
992 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-includes/js/wp-embed.min.js?ver=4.9.4
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=4.9.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Wed, 23 Nov 2016 13:38:33 GMT
server
nginx
status
200
etag
W/"58359bd9-576"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
gtm.js
www.googletagmanager.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f232.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
dd7c4f0c5e1587b39d419d0fed47e076da62f87466581a7712fec563ef9e0e59
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
21594
x-xss-protection
1; mode=block
expires
Thu, 10 May 2018 21:53:41 GMT
wp-emoji-release.min.js
secure.nrsc.org/wp-includes/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=4.9.4
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
:scheme
https
:method
GET
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:40 GMT
content-encoding
gzip
last-modified
Thu, 08 Feb 2018 19:02:16 GMT
server
nginx
status
200
etag
W/"5a7c9eb8-2dc9"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
9b6261cc3e.css
use.fontawesome.com/ 		1 KB
684 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/9b6261cc3e.css
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b6261cc3e.js
Protocol
SPDY
Server
23.111.9.35 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
c1aaebd3e292905247afcee12242ae79f65b1612353455ae144367fa4868e60e

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2017 19:42:52 GMT
server
NetDNA-cache/2.2
x-amz-request-id
F2935D1DF6F177F3
etag
W/"2c5662df2ff38a6af4baa5275eac507d"
x-cache
HIT
content-type
text/css
status
200
cache-control
max-age=0, private, must-revalidate
x-amz-id-2
4IgI8ecb2MHlN0iaV1/QLQOg2xmN6uJPBguwZaofkS4F05ZEfpz07Y82MtiOw/8Ir8/+OJFDJJA=
sdk.js
connect.facebook.net/en_US/ 		209 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
f6cfdf3820d28f94e572b175d6fe53b2b8c1e5c970338b0aaabb5efa3020698a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
gN9+nKSlXNagedR+R/pLkg==
status
200
content-length
64609
x-xss-protection
0
x-fb-debug
ixgKhka+KYRfGriKrASq3I8TrQccbiq0h2H0gGyIg7klrYPFTBoSXXbtY8m0BZPe0z5sbjQr/ylB1KK1N3XpCQ==
x-fb-content-md5
809776d89f56f25f6127a2f535ff47cc
x-frame-options
DENY
date
Thu, 10 May 2018 21:53:41 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ecb361f8f4120b32e5efe56d8950101c"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Thu, 10 May 2018 22:04:24 GMT
white-house-pocket-t-shirt-blue
secure.victorypassport.com/pages/nrsc/ Frame 8B7A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/pages/nrsc/white-house-pocket-t-shirt-blue
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.32.222.141 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-141.fra56.r.cloudfront.net
Software
nginx/1.12.1 + Phusion Passenger 5.1.12 / Phusion Passenger 5.1.12
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.victorypassport.com
:scheme
https
:path
/pages/nrsc/white-house-pocket-t-shirt-blue
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4414583A07E98ADCDEC0E876769D76D0
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=

Response headers

status
200 200 OK
content-type
text/html; charset=utf-8
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
cp
CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
date
Thu, 10 May 2018 21:53:41 GMT
etag
W/"391f9b41cbdd5edccadc3fb77375478b"
server
nginx/1.12.1 + Phusion Passenger 5.1.12
set-cookie
_mystique_session=Q3RvQWp3b2lRSk1lQUY0V2ZmSHNUMjFpbENkQXFiWE10eklONzNVdTExSzVQMXVRWVdyM2NtK09iRXpIQmFRYUFvZEVteTVpaXowZ013TndQUFVwNFF6bWpNVDl4QzJvRm9sZEdHdklsa0hKNHZ4RzYwdGRDUmdsVVRhbTVZMHJOSjJaR1ZCbTNQaE8vMjZ2RFpDdm1RPT0tLTJIdnl2Mi9JQS9TWDJEN1JCeXp4Tmc9PQ%3D%3D--dab0491182345051790f075f46018180ff866d9b; path=/; expires=Sat, 11 May 2019 03:53:41 -0000; secure; HttpOnly
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 5.1.12
x-request-id
f566c7aa-8115-4bf6-b131-bc91f29090a7
x-runtime
0.023824
x-xss-protection
1; mode=block
x-cache
Miss from cloudfront
via
1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
x-amz-cf-id
k9vmjudY9AKtK62NGi_nVFINoG-oMYbZ5PbG5dX-FEqGBclcGC32uA==
application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
secure.victorypassport.com/assets/jackal/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw
Protocol
SPDY
Server
13.32.222.141 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-141.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2017 19:18:16 GMT
server
nginx/1.12.1
x-cache
Miss from cloudfront
content-type
text/css
status
200
cache-control
max-age=315360000, public
content-length
4419
via
1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
x-amz-cf-id
0HCxY1dXhgnZ2elbUJi_ekLZnonoABHKSNZfvrEoPFx1gJy23ayceg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601.js
secure.victorypassport.com/assets/jackal/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/assets/jackal/application-68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601.js
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw
Protocol
SPDY
Server
13.32.222.141 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-141.fra56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
last-modified
Thu, 20 Jul 2017 19:20:15 GMT
server
nginx/1.12.1
x-cache
Miss from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=315360000, public
content-length
9515
via
1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
x-amz-cf-id
Bk2FyYY1CC-N1tYmSnHZC_0cDVDdNWt1XhZsOGoFyARE92xl1W3cCw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
cerabasic-regular-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/cerabasic-regular-webfont.woff2
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/scripts.js?ver=1524597741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5517e384dacbf9151599383c4965af3f19562148376757092affd1986bab5eb0

Request headers

:path
/wp-content/themes/nrsc/assets/fonts/cera/cerabasic-regular-webfont.woff2
pragma
no-cache
origin
https://secure.nrsc.org
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1525208470
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1525208470
Origin
https://secure.nrsc.org

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Fri, 20 Apr 2018 19:00:31 GMT
server
nginx
status
200
etag
"5ada38cf-5074"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
20596
cerabasic-bold-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/cerabasic-bold-webfont.woff2
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/scripts.js?ver=1524597741
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.4.130.200 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-130-200.compute-1.amazonaws.com
Software
nginx /
Resource Hash
bd718c89edd9bd10538e733e1f63a9a27b6cc40cb05347a93321cb9a64f62b03

Request headers

:path
/wp-content/themes/nrsc/assets/fonts/cera/cerabasic-bold-webfont.woff2
pragma
no-cache
origin
https://secure.nrsc.org
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
secure.nrsc.org
referer
https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1525208470
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1525208470
Origin
https://secure.nrsc.org

Response headers

x-type
static/known
date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Fri, 20 Apr 2018 19:00:31 GMT
server
nginx
status
200
etag
"5ada38cf-4f8c"
vary
Accept-Encoding
content-type
application/x-font-woff
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
content-length
20364
l
use.typekit.net/af/7d9ee3/00000000000000003b9b12e6/27/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/7d9ee3/00000000000000003b9b12e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/nnp5tpv.js
Protocol
SPDY
Server
172.227.115.186 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-115-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9d89f1419c265077c2dcece4c2e223a0a14c1b436086c478a40c2d40e7398511

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Origin
https://secure.nrsc.org

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
server
nginx
etag
"abb08f3b4ac895084e9344a39d3e56f8134dc5b0"
status
200, 200 OK
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=8640000
timing-allow-origin
*
content-length
15580
widget_iframe.d383dc1d510865aceaa5e552afcf5663.html
platform.twitter.com/widgets/ Frame C2E6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.d383dc1d510865aceaa5e552afcf5663.html?origin=https%3A%2F%2Fsecure.nrsc.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/widgets/widget_iframe.d383dc1d510865aceaa5e552afcf5663.html?origin=https%3A%2F%2Fsecure.nrsc.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4414583A07E98ADCDEC0E876769D76D0
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=

Response headers

status
200
date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Mon, 07 May 2018 21:48:23 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"fbca609ced8e558319180092b6f196eb+gzip"
content-encoding
gzip
accept-ranges
bytes
via
1.1 varnish
age
258639
x-served-by
cache-tw-fra1-cr1-14-TWFRA1
x-cache
HIT
x-timer
S1525989221.225361,VS0,VE0
vary
Accept-Encoding,Host
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
5846
font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
23.111.9.35 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
last-modified
Tue, 25 Oct 2016 17:21:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"36082410df2ef7f83932219089dc1443"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b6261cc3e.js
Protocol
SPDY
Server
23.111.9.35 Phoenix, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://use.fontawesome.com/9b6261cc3e.css
Origin
https://secure.nrsc.org

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Mon, 17 Jul 2017 16:24:59 GMT
server
NetDNA-cache/2.2
status
200
etag
"af7ae505a9eed503f8b8e6982036873e"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
application/font-woff2
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
77160
/
www.facebook.com/impression.php/f100660665b42c/ 		43 B
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/impression.php/f100660665b42c/?api_key=876846612471411&lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
2FZJogsZj4bFKnQlwgC168TVJ4nn09jV1X7lv6jdWcZfnKFnW9KXdaH71Fm5bPg44a1OA+P/CkFRUQEZbhz3DA==
date
Thu, 10 May 2018 21:53:41 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
access-control-allow-methods
OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
SPDY
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f194.1e100.net
Software
cafe /
Resource Hash
d6f2c75e1885243a57d2ae128a45894d8baa111b251590d64c13c6a52b325d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
etag
11143177299963083545
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
private, max-age=3600
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
5934
x-xss-protection
1; mode=block
expires
Thu, 10 May 2018 21:53:41 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
SPDY
Server
104.244.43.112 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
age
78910
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-tw-fra1-cr1-17-TWFRA1
last-modified
Tue, 23 Jan 2018 19:05:33 GMT
x-timer
S1525989221.281624,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
bat.js
bat.bing.com/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
SPDY
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
4d523cdc48932d683a31ac5210ac152d61ad69393ad4200914deec8b96d154d7

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
last-modified
Thu, 03 May 2018 17:20:11 GMT
x-msedge-ref
Ref A: 684F20536C9D4C11B44658CB3E6A125F Ref B: FRAEDGE0908 Ref C: 2018-05-10T21:53:41Z
status
200
etag
"80d7b7fd2e3d31:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
4428
fbevents.js
connect.facebook.net/en_US/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
12398
x-xss-protection
0
pragma
public
x-fb-debug
o5V2CbwVPyFHyEGfMTnusJVTS+1kttkGvQ8eeMxU3Glf4bSxPzEch76DjA3ZqD8UrisWTbXep6gaDYiS+2Go/A==
x-frame-options
DENY
date
Thu, 10 May 2018 21:53:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
a-00r9.min.js
b-code.liadm.com/ 		101 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-00r9.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol
SPDY
Server
13.32.222.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-127.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ef79b710e97cab3451d730d2aad961cf8ab5672e8f62e5cc3b610a1cd97461b9

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 23 Apr 2018 17:18:16 GMT
content-encoding
gzip
last-modified
Mon, 23 Apr 2018 10:02:54 GMT
server
AmazonS3
age
1871
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
gEExLUAjLmvSl3vQfGlT.mlCxJdIOzaK
status
200
cache-control
public, max-age=86400
content-type
application/javascript
x-amz-cf-id
Ju-86zRwcftJRZk-Om6ftEKmWteLczG2Z7KfTc3AQ7RZnU2l5zoK4w==
via
1.1 89934ce37ea0d70a19ace48a847ae306.cloudfront.net (CloudFront)
xyz.js
getrockerbox.com/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://getrockerbox.com/assets/xyz.js
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
HTTP/1.1
Server
162.243.245.192 New York, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
4911b4a21f429cc0b7e65550b907e5c47b1ba13af3f167eb1137d91ab635fa65

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 21:52:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 25 Apr 2018 17:03:35 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
application/x-javascript
p.gif
p.typekit.net/ 		35 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=nnp5tpv&ht=tk&h=secure.nrsc.org&f=13407&a=7616506&js=1.19.2&app=typekit&e=js&_=1525989221286
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.227.115.186 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a172-227-115-186.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Tue, 20 Mar 2018 00:19:51 GMT
server
nginx
etag
"5ab053a7-23"
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
35
expires
Wed, 28 Mar 2018 09:56:55 GMT
RQ7NiRXMcYA.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 7E96 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://staticxx.facebook.com/connect/xd_arbiter/r/RQ7NiRXMcYA.js?version=42
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
staticxx.facebook.com
:scheme
https
:path
/connect/xd_arbiter/r/RQ7NiRXMcYA.js?version=42
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4414583A07E98ADCDEC0E876769D76D0
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=

Response headers

status
200
expires
Fri, 10 May 2019 17:11:51 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
public,max-age=31536000,immutable
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
vary
Accept-Encoding
content-encoding
gzip
x-fb-debug
dnrRe+nVAsYrllJqIrk8iGy5vip1FWijPY6EyZRGowsMi7bC5Ph5/ZuNSvIWS3hXBTpfOktgrD2sQStlxQYQyg==
content-length
13644
date
Thu, 10 May 2018 21:53:41 GMT
adsct
t.co/i/ 		43 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv084&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
106
pragma
no-cache
last-modified
Thu, 10 May 2018 21:53:41 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
7b1f675483039236d28946af1a0b9122
x-transaction
0031c85f00fe3f4e
expires
Tue, 31 Mar 1981 05:00:00 GMT
1877534775869068
connect.facebook.net/signals/config/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1877534775869068?v=2.8.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
a77d4893a7b66b215288e3038ff5d5ba57809060c302eab91933e6d5b8a9f621
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
eTKUtybMQU4ydTxPkV7AUQmqg5iwV4SCosHGhGR3tCixtwRE5CAoUOOGGbAnaV1mpkqvdC7fMbz9J3Jm3nipXQ==
x-frame-options
DENY
date
Thu, 10 May 2018 21:53:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/?random=1525989221306&cv=9&fst=1525989221306&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=376635470%2C759248990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G4r&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&tiba=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
SPDY
Server
216.58.205.226 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ccabc3a9377c6afab092f362fcd514be253b3a206aa6788fbfd774fab50d2ce0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
hq="googleads.g.doubleclick.net:443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="43,42,41,39,35",hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
1112
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=5576699&Ver=2&mid=39abcd77-7270-c18a-32cf-9f2124c75db0&evt=pageLoad&sid=d723b7c3-1&lt=1651&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&p=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&r=&msclkid=N&rn=664125
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
204.79.197.200 Redmond, United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
a-0001.a-msedge.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: 93045B945317415CA5DB8B88F9BFE3A1 Ref B: FRAEDGE0908 Ref C: 2018-05-10T21:53:41Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/ads/user-lists/863113746/ 		42 B
116 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/user-lists/863113746/?random=1525989221306&cv=9&fst=1525986000000&num=1&guid=ON&eid=376635470%2C759248990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G4r&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&tiba=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&async=1&fmt=3&cdct=2&is_vtc=1&random=1234088451&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.217.21.228 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f228.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/ads/user-lists/863113746/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/user-lists/863113746/?random=1525989221306&cv=9&fst=1525986000000&num=1&guid=ON&eid=376635470%2C759248990&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=G4r&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&tiba=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&async=1&fmt=3&cdct=2&is_vtc=1&random=1234088451&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
adclick_server /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
x-content-type-options
nosniff
server
adclick_server
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877534775869068&ev=PageView&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1525989221397&sw=1600&sh=1200&v=2.8.14&r=stable&ec=0&o=28&it=1525989221303
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 10 May 2018 21:53:41 GMT
jot.html
platform.twitter.com/ Frame F0F1
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.96.57.6 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
platform.twitter.com
:scheme
https
:path
/jot.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
Origin
null
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
4414583A07E98ADCDEC0E876769D76D0

Response headers

status
200
date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Mon, 07 May 2018 22:01:37 GMT
cache-control
public, max-age=315360000
content-type
text/html; charset=utf-8
etag
"d9592a6c704736fa4da218d4357976dd+gzip"
content-encoding
gzip
accept-ranges
bytes
via
1.1 varnish
age
258639
x-served-by
cache-tw-fra1-cr1-14-TWFRA1
x-cache
HIT
x-timer
S1525989222.524040,VS0,VE0
vary
Accept-Encoding,Host
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
95

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Thu, 10 May 2018 21:53:41 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Thu, 10 May 2018 21:53:41 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_o
strict-transport-security
max-age=631138519
x-connection-hash
42cd0c5d41188964f1857586124cccae
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
105
x-transaction
0031170500ade94c
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
secure.victorypassport.com/assets/ 		444 B
740 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.victorypassport.com/assets/circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
13.32.222.141 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-222-141.fra56.r.cloudfront.net
Software
nginx/1.8.1 /
Resource Hash
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c

Request headers

Referer
https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Tue, 16 Jan 2018 14:27:10 GMT
via
1.1 40b36a86ab4ea993a78087b1ceb80e25.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jul 2017 19:17:22 GMT
server
nginx/1.8.1
age
9266213
etag
"597101c2-1bc"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
444
x-amz-cf-id
iiCKMABwsqTAi1GbzjY4tcjS1hrl8B9kdwqk86R_yo3Xw4t9q9V8EQ==
pixel.gif
getrockerbox.com/
Redirect Chain
  • https://getrockerbox.com/pixel.gif?action=view&source=nrsc&rb_source=nrsc&an_seg=11304236&type=imp
  • https://secure.adnxs.com/getuid?%2fseg%3fadd%3d11304236%26redir%3dhttps%253a%252f%252fgetrockerbox.com%252fpixel.gif%253fadnxs_uid%253d$UID%2526action%253dview%2526source%253dnrsc%2526rb_source%253...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3F%252fseg%253fadd%253d11304236%2526redir%253dhttps%25253a%25252f%25252fgetrockerbox.com%25252fpixel.gif%25253fadnxs_uid%25253d%24UID%252526action%25253dvi...
  • https://secure.adnxs.com/seg?add=11304236&redir=https%3a%2f%2fgetrockerbox.com%2fpixel.gif%3fadnxs_uid%3d5608271319262963746%26action%3dview%26source%3dnrsc%26rb_source%3dnrsc%26an_seg%3d11304236%2...
  • https://getrockerbox.com/pixel.gif?adnxs_uid=5608271319262963746&action=view&source=nrsc&rb_source=nrsc&an_seg=11304236&type=imp
44 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://getrockerbox.com/pixel.gif?adnxs_uid=5608271319262963746&action=view&source=nrsc&rb_source=nrsc&an_seg=11304236&type=imp
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
HTTP/1.1
Server
162.243.245.192 New York, United States, ASN14061 (DIGITALOCEAN-ASN - DigitalOcean, LLC, US),
Reverse DNS
Software
openresty /
Resource Hash
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 21:52:53 GMT
Server
openresty
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Thu, 10 May 2018 21:53:43 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.58:80
AN-X-Request-Uuid
6d983df8-ab7b-418b-8327-0ff649846e4a
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://getrockerbox.com/pixel.gif?adnxs_uid=5608271319262963746&action=view&source=nrsc&rb_source=nrsc&an_seg=11304236&type=imp
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/assets.victorypassport.com/fonts/VictoryPassport.ttf
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
HTTP/1.1
Server
52.216.132.29 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Origin
https://secure.nrsc.org

Response headers

Date
Thu, 10 May 2018 21:53:43 GMT
Last-Modified
Wed, 01 Jul 2015 02:35:45 GMT
Server
AmazonS3
x-amz-request-id
590B3AD8DF226449
ETag
"7d80bd6dc0d2e81dc2274a2b29799949"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Length
10804
x-amz-id-2
9FTBTpnJHh/0N+EoCgMmSND9OLtOGuBOIjongGMtLoymYYy/60OO+KxZ+tcv01coc6CGXYaIeW4=
gtm.js
www.googletagmanager.com/ 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WDLTFM
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601.js
Protocol
SPDY
Server
172.217.21.232 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s13-in-f232.1e100.net
Software
Google Tag Manager (scaffolding) /
Resource Hash
526ca52e2bb2a31885f1dfcc624176b4e387045431c4cb8327f683f082603751
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
20424
x-xss-protection
1; mode=block
expires
Thu, 10 May 2018 21:53:41 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601.js
Protocol
SPDY
Server
172.217.18.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 12 Apr 2018 18:13:11 GMT
server
Golfe2
age
3454
date
Thu, 10 May 2018 20:56:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14353
expires
Thu, 10 May 2018 22:56:07 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=431579746&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_gid=548380018.1525989222&gjid=774962500&_v=j67&z=1299062476
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_v=j67&z=1299062476
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_v=j67&z=1299062476&slf_rd=1&random=4000118657
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_v=j67&z=1299062476&slf_rd=1&random=4000118657
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
172.217.23.131 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s18-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=502845438.1525989222&jid=1757036068&_v=j67&z=1299062476&slf_rd=1&random=4000118657
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
528927697229967
connect.facebook.net/signals/config/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/528927697229967?v=2.8.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
7f4e7a14a5a807312c8e91e77aff7418b3594ed85b5479f2810dfb34267cea9f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
E4ltm1dFMesovfEVRWI8Rge9y5U396xXNaq4x5e7toiFjkEArZIgR/u2ngXfdNq2wF1/Wsw9NPrCFnEesxPHVg==
x-frame-options
DENY
date
Thu, 10 May 2018 21:53:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j67&a=431579746&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3D...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=502845438.1525989222&jid=423648413&_gid=548380018.1525989222&gjid=503027916&_v=j67&z=1332030777
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=502845438.1525989222&jid=423648413&_gid=548380018.1525989222&gjid=503027916&_v=j67&z=1332030777
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
74.125.206.157 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
wk-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 10 May 2018 21:53:41 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=502845438.1525989222&jid=423648413&_gid=548380018.1525989222&gjid=503027916&_v=j67&z=1332030777
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1877534775869068&ev=Microdata&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1525989221900&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22White%20House%20Pocket%20T-Shirt%20-%20NRSC%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%22%2C%22og%3Asite_name%22%3A%22NRSC%22%7D&cd[Meta]=%7B%22title%22%3A%22White%20House%20Pocket%20T-Shirt%20%7C%20NRSC%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.14&r=stable&ec=1&o=28&it=1525989221303&es=automatic
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 10 May 2018 21:53:41 GMT
566036477108792
connect.facebook.net/signals/config/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/566036477108792?v=2.8.14&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
SPDY
Server
157.240.20.19 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
xx-fbcdn-shv-02-frt3.fbcdn.net
Software
/
Resource Hash
d9b963cabb1701a2e3c2dd88040e0bd7c9e686376201ba1f7d1b8974fe1d7ce8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
x-xss-protection
0
pragma
public
x-fb-debug
1C/tVVkMXm90OP/LOmTE16UG8I+11+Wt/p2AXQEZCsAutz+q7Q9SOFNkRtjxLItGAdh8DdD7iFrdx7nWIF8KOA==
x-frame-options
DENY
date
Thu, 10 May 2018 21:53:41 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=528927697229967&ev=PageView&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1525989221922&sw=1600&sh=1200&v=2.8.14&r=stable&ec=0&o=28&it=1525989221303
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 10 May 2018 21:53:41 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=566036477108792&ev=PageView&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1525989221976&sw=1600&sh=1200&v=2.8.14&r=stable&a=tmgoogletagmanager&ec=0&o=30&it=1525989221303
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 10 May 2018 21:53:41 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=528927697229967&ev=Microdata&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1525989222423&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22White%20House%20Pocket%20T-Shirt%20-%20NRSC%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%22%2C%22og%3Asite_name%22%3A%22NRSC%22%7D&cd[Meta]=%7B%22title%22%3A%22White%20House%20Pocket%20T-Shirt%20%7C%20NRSC%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.14&r=stable&ec=1&o=28&it=1525989221303&es=automatic
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 10 May 2018 21:53:42 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=566036477108792&ev=Microdata&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1525989222477&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22White%20House%20Pocket%20T-Shirt%20-%20NRSC%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%22%2C%22og%3Asite_name%22%3A%22NRSC%22%7D&cd[Meta]=%7B%22title%22%3A%22White%20House%20Pocket%20T-Shirt%20%7C%20NRSC%22%7D&cd[DataLayer]=%5B%5D&sw=1600&sh=1200&v=2.8.14&r=stable&a=tmgoogletagmanager&ec=1&o=30&it=1525989221303&es=automatic
Requested by
Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
Protocol
SPDY
Server
157.240.20.35 Menlo Park, United States, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
edge-star-mini-shv-02-frt3.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Thu, 10 May 2018 21:53:42 GMT
dynamic-conversion
lcidc.liadm.com/api/v1/
Redirect Chain
  • https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4
  • https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4&n3pc=true
0
-1 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4&n3pc=true
Protocol
HTTP/1.1
Server
52.205.214.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-214-62.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 21:53:43 GMT
Vary
Origin
Server
nginx/1.12.1
Access-Control-Allow-Origin
https://secure.nrsc.org
Request-Time
0
Location
/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4&n3pc=true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Thu, 10 May 2018 21:53:43 GMT
Vary
Origin
Server
nginx/1.12.1
Access-Control-Allow-Origin
https://secure.nrsc.org
Request-Time
0
Location
/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4&n3pc=true
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
adsct
analytics.twitter.com/i/ 		31 B
248 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nv084&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
SPDY
Server
104.244.42.195 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Thu, 10 May 2018 21:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
109
pragma
no-cache
last-modified
Thu, 10 May 2018 21:53:43 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
490cc9c7eae5b1184108530ceabaa2b1
x-transaction
00e6023b00659086
expires
Tue, 31 Mar 1981 05:00:00 GMT
dynamic-conversion
lcidc.liadm.com/api/v1/ 		15 B
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=17735&sid=AEVHBNo5o-4&n3pc=true
Protocol
HTTP/1.1
Server
52.205.214.62 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-205-214-62.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
d65b1b198cc3ab2f68200d058319f8da590b4d525397ca3d0c2fde40c12b0747

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id
4414583A07E98ADCDEC0E876769D76D0
Origin
https://secure.nrsc.org
Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 21:53:43 GMT
Vary
Origin
Server
nginx/1.12.1
Request-Time
1
Content-Type
application/json
Access-Control-Allow-Origin
https://secure.nrsc.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
15
i
c.liadm.com/ 		43 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.liadm.com/i?stm=1525989223915&e=pv&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2Fwhite-house-pocket-t-shirt%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3Djd-dl%26utm_campaign%3D20180510_RepublicanFulfillmentServices_jd-dl_%26utm_content%3Dbody_txt_confirm%2520your%2520order%26action%3Demail_click%26ha1%3D&page=White%20House%20Pocket%20T-Shirt%20%7C%20NRSC&tv=js-mint-4.2.3-sp-2.8.2&tna=litra&aid=a-00r9&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=ce2ec4b5-3d2c-40ca-b222-9146da7d89b7&dtm=1525989223913&vp=1600x1200&ds=1585x1937&vid=1&sid=50dde668-589e-4d92-abba-acb9619cf86c&duid=a-00r9--91945acd-dca0-4735-bc9a-ba959a4a64f3&fp=1498438248&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ubGl2ZWludGVudC9zb3VyY2VfbGl2ZV9ldmVudC9qc29uc2NoZW1hLzItMC0wIiwiZGF0YSI6eyJwdXNoZWREYXRhIjoie1wiZXZlbnRcIjpcInBhZ2VWaWV3XCJ9In19LHsic2NoZW1hIjoiaWdsdTpjb20ubGl2ZWludGVudC9saXZlX2V2ZW50L2pzb25zY2hlbWEvMi0wLTAiLCJkYXRhIjp7ImV2ZW50TmFtZSI6InZpZXdDb250ZW50Iiwic2VnbWVudElkIjoiQUVWSEJObzVvLTQifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5saXZlaW50ZW50L2NvbnZlcnNpb24vanNvbnNjaGVtYS8zLTAtMSIsImRhdGEiOnsidVNlcnZlckNvbnZlcnNpb25JZHMiOltdfX1dfQ
Protocol
HTTP/1.1
Server
52.21.161.113 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-161-113.compute-1.amazonaws.com
Software
spray-can/1.3.3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://secure.nrsc.org/donation_page/white-house-pocket-t-shirt/?recurring=true&utm_medium=email&utm_source=jd-dl&utm_campaign=20180510_RepublicanFulfillmentServices_jd-dl_&utm_content=body_txt_confirm%20your%20order&action=email_click&ha1=
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Thu, 10 May 2018 21:53:44 GMT
Server
spray-can/1.3.3
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer object| Typekit object| _wpemojiSettings function| __twttrll object| twttr object| __twttr object| twemoji object| wp object| FontAwesomeCdnConfig string| cssUrl undefined| $ function| jQuery object| urls function| slidebars object| jQuery112408747058456819556 function| getDevice function| setImmediate function| clearImmediate function| Vue function| Hammer function| filter function| sortBy object| FB object| google_tag_manager function| twq object| uetq function| fbq function| _fbq object| RB object| f function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| UET object| LI object| Snowplow object| liQ function| _classCallCheck function| _inherits object| vp function| _createClass function| VPModal function| _get function| VPAuthorizeDialog function| VPBaseForm function| VPEventProcessor function| VPForgotPasswordForm function| VPLoginDialog function| VPLoginForm function| VPParentLocation function| VPPublishAnalytics function| VPRegistrationForm function| VPScrollToTop function| VPToolbar function| Messages function| DOMUtils function| VPUpdateBackgroundImage function| VPUpdateFrameHeight function| VPUpdateToolbar function| Utils object| vpToolbar object| vpEventProcessor boolean| ieVersion object| Mustache string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

15 Cookies

Domain/Path Name / Value
.facebook.com/ Name: fr
Value: 0CsXPXwJu45eDxuy0..Ba9L9l...1.0.Ba9L9l.
.secure.victorypassport.com/ Name: __stripe_sid
Value: 248fa798-ac4c-4bda-9155-95130006e264
.secure.victorypassport.com/ Name: __stripe_mid
Value: b56364a3-a26b-426c-a151-a74544b802d9
.victorypassport.com/ Name: _gat_UA-10463545-10
Value: 1
.nrsc.org/ Name: _gid
Value: GA1.2.548380018.1525989222
.victorypassport.com/ Name: _dc_gtm_UA-10463545-9
Value: 1
.nrsc.org/ Name: _gat
Value: 1
m.stripe.network/ Name: nsr
Value: 1
.victorypassport.com/ Name: _gid
Value: GA1.2.946340905.1525989222
.nrsc.org/ Name: _ga
Value: GA1.2.502845438.1525989222
.victorypassport.com/ Name: _ga
Value: GA1.2.1551061386.1525989222
.secure.nrsc.org/ Name: _gid
Value: GA1.3.548380018.1525989222
.victorypassport.com/ Name: _gat
Value: 1
.secure.nrsc.org/ Name: _gat_UA-23419263-11
Value: 1
.secure.nrsc.org/ Name: _ga
Value: GA1.3.502845438.1525989222

1 Console Messages

Source Level URL
Text
console-api log URL: https://secure.nrsc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
b-code.liadm.com
bat.bing.com
c.liadm.com
connect.facebook.net
fonts.googleapis.com
getrockerbox.com
googleads.g.doubleclick.net
lcidc.liadm.com
p.typekit.net
paracom.paramountcommunication.com
platform.twitter.com
s3.amazonaws.com
secure.adnxs.com
secure.nrsc.org
secure.victorypassport.com
static.ads-twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
t.co
use.fontawesome.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.133
104.244.42.136
104.244.42.195
104.244.43.112
13.32.222.127
13.32.222.141
157.240.20.19
157.240.20.35
162.243.245.192
172.217.18.174
172.217.21.194
172.217.21.228
172.217.21.232
172.217.21.234
172.217.23.131
172.227.115.186
185.33.223.215
199.96.57.6
204.79.197.200
216.58.205.226
23.111.9.35
52.205.214.62
52.21.161.113
52.216.132.29
52.4.130.200
54.71.200.178
74.125.206.157
039a8bb6d736466063dde3c2a80d71d54456a7875cb1654263058bc69c1c042d
0788630c2d727169ba2ed379a7ce6dbdaa5ef6f4b3380bc0a665fde7ad26035e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
112560223d7dcf6f78bd1f4f1271590233b6cd02adf7a10f896b0f628c2c4d24
2218bbf47b340278b7b696dbe3af4eed89edffa709c19abd6747b18147c3a675
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
391d3e9a71c48505c745027248f3f353f64f519ae6ba0fc4198d80ffbefe8706
3c167e697c59f7167404e965fd2e59fa8cedc82b998d0257b48b25ab987e045b
3d8e94fed6cc8ea56ee5ec6174efb68cb7197d2e729149cb43e85505bf175779
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4911b4a21f429cc0b7e65550b907e5c47b1ba13af3f167eb1137d91ab635fa65
4d22f87893242016b19d07844de2a7b857faab225a744be22fb5e7aa58b22f65
4d523cdc48932d683a31ac5210ac152d61ad69393ad4200914deec8b96d154d7
526ca52e2bb2a31885f1dfcc624176b4e387045431c4cb8327f683f082603751
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5517e384dacbf9151599383c4965af3f19562148376757092affd1986bab5eb0
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
63330db1a970f35394ee59e34b8475d5cedfafab17b7f67a2a094c478fd2aa96
68a741850d8a9fe860882e93a4ba3ce3300b03510aa1ebb4d5200fd973364601
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
7f4e7a14a5a807312c8e91e77aff7418b3594ed85b5479f2810dfb34267cea9f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85990e35a1bd9710094c42c86b371a1cb549c880a191aa795b1d6ceb43de8618
91e072c6c6ffa097a7b56288184b067ba3f3b6723fd19331deb99613999b395e
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d89f1419c265077c2dcece4c2e223a0a14c1b436086c478a40c2d40e7398511
a41a46d9c804270abd3d67108682ae421e101c4f3c325d6b105d4d3e4d0b1d55
a77d4893a7b66b215288e3038ff5d5ba57809060c302eab91933e6d5b8a9f621
a8d69e9d82be43b935b8ac736e26b669517f55e1224b38dab2dc864ef4ae49fe
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afcb1f6c5b300318111c91317309f5cd4e621638628db4aa5beefd622ca8be10
bd718c89edd9bd10538e733e1f63a9a27b6cc40cb05347a93321cb9a64f62b03
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c1aaebd3e292905247afcee12242ae79f65b1612353455ae144367fa4868e60e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
ccabc3a9377c6afab092f362fcd514be253b3a206aa6788fbfd774fab50d2ce0
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
d65b1b198cc3ab2f68200d058319f8da590b4d525397ca3d0c2fde40c12b0747
d6f2c75e1885243a57d2ae128a45894d8baa111b251590d64c13c6a52b325d91
d9b963cabb1701a2e3c2dd88040e0bd7c9e686376201ba1f7d1b8974fe1d7ce8
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
dd7c4f0c5e1587b39d419d0fed47e076da62f87466581a7712fec563ef9e0e59
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e35e107c1e3d4ec87c9db64ce2f49381949ebc94b2356448140b4b2c3c4f661f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef79b710e97cab3451d730d2aad961cf8ab5672e8f62e5cc3b610a1cd97461b9
f6cfdf3820d28f94e572b175d6fe53b2b8c1e5c970338b0aaabb5efa3020698a
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e