www.larryelderrecallnewsom.com Open in urlscan Pro
40.123.53.189  Public Scan

18 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request getgavinout.php Show response www.larryelderrecallnewsom.com/	34 KB 7 KB	315ms 98ms	Document text/html	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash c6ac18bd7f3447f32c0a172ff6322ad05a67fa020d3f51dc4a7c2ceb6c56d2f5 Request headers Host www.larryelderrecallnewsom.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Thu, 09 Sep 2021 21:37:06 GMT Server Apache Vary Accept-Encoding Content-Encoding gzip Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/	118 KB 20 KB	61ms 19ms	Stylesheet text/css	104.18.10.207 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 09 Sep 2021 21:37:07 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 718 age 12095919 cdn-cachedat 2021-03-10 20:26:25 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:03:59 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid eaf1fde142b7e60f10e494e1cd50c3e7 cf-ray 68c38e533d54c4ae-DUS cdn-requestcountrycode DE cdn-requestpullsuccess True
GET H/1.1	200 OK	custom_gen2.css www.larryelderrecallnewsom.com/css/	6 KB 2 KB	284ms 95ms	Stylesheet text/css	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/css/custom_gen2.css?v=2 Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash a4fdee53682683f8513c3557b882a20e309efd3b0f5e6347fe9c29382f831ff0 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Fri, 03 Sep 2021 17:12:48 GMT Server Apache ETag "1600-5cb1a68a721f7-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1577
GET H/1.1	200 OK	faq_Temp11.css www.larryelderrecallnewsom.com/css/	5 KB 2 KB	286ms 95ms	Stylesheet text/css	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/css/faq_Temp11.css?v=2 Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash db3a06cd1c72b13f0bc16cc07f28e4781579ed70e8ca846c2a37a30315b90e14 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:34 GMT Server Apache ETag "15fe-5c7937e249580-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 1554
GET H/1.1	200 OK	anim.css www.larryelderrecallnewsom.com/css/	71 KB 4 KB	291ms 98ms	Stylesheet text/css	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/css/anim.css Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:34 GMT Server Apache ETag "11cda-5c7937e249580-gzip" Vary Accept-Encoding Content-Type text/css Connection close Accept-Ranges bytes Content-Length 4172
GET H2	200	css fonts.googleapis.com/	2 KB 1006 B	191ms 66ms	Stylesheet text/css	142.250.74.10 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oswald:700 Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.10 , United States, ASN15169 (GOOGLE, US), Reverse DNS arn09s21-in-f10.1e100.net Software ESF / Resource Hash 1d05b65fe018b033643449c09121df2d26dd5ea4bf41dc5ce69a065ee5487974 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Thu, 09 Sep 2021 19:45:33 GMT server ESF date Thu, 09 Sep 2021 21:37:07 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 09 Sep 2021 21:37:07 GMT
GET H/1.1	200 OK	jquery.min.js Show response www.larryelderrecallnewsom.com/js/	94 KB 33 KB	298ms 105ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery.min.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "1787c-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 33367
GET H/1.1	200 OK	bootstrap.js Show response www.larryelderrecallnewsom.com/js/	54 KB 11 KB	292ms 99ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/bootstrap.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 5eb93c214c248962fe9233316002fc8e76c45f8551354f25191d6b6399eedf7c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:35 GMT Server Apache ETag "d7d9-5c7937e33d7c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 11112
GET H/1.1	200 OK	jquery-1.9.1.js Show response www.larryelderrecallnewsom.com/js/	54 KB 11 KB	293ms 100ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery-1.9.1.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 5eb93c214c248962fe9233316002fc8e76c45f8551354f25191d6b6399eedf7c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "d7d9-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 11112
GET H/1.1	200 OK	jquery.validate.min.js Show response www.larryelderrecallnewsom.com/js/	20 KB 7 KB	562ms 93ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery.validate.min.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 80d9df6a033c91c176960af80250168863680188e01dbdca5b7c53256e5ad769 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "5146-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 6482
GET H/1.1	200 OK	jquery.maskedinput.min.js Show response www.larryelderrecallnewsom.com/js/	3 KB 2 KB	566ms 93ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery.maskedinput.min.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 4d2f8e93a72b351e2a74a613e93e63c0c1e3b0f742cdb83b7664f4796092376d Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "df0-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1655
GET H/1.1	200 OK	jquery.number.js Show response www.larryelderrecallnewsom.com/js/	20 KB 6 KB	570ms 93ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery.number.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 47c24f6f0d8837c674f451716052362e3d64255811ff237d8446edeb23693a5a Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "5069-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 6089
GET H/1.1	200 OK	jquery.html5-placeholder-shim.js Show response www.larryelderrecallnewsom.com/js/	3 KB 1 KB	583ms 96ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery.html5-placeholder-shim.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 64c16189edc30b26fbfec45575c30a42aa254a6c403be31338050ece86276d3c Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "d28-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1144
GET H/1.1	200 OK	jquery.blockUI.js Show response www.larryelderrecallnewsom.com/js/	23 KB 7 KB	586ms 98ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/jquery.blockUI.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash c9e55dac2471f48680fde75b84e5738ac3e321e6712babac1c4fce04fbcd2afc Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "5c5b-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 6749
GET H/1.1	200 OK	mailcheck.min.js Show response www.larryelderrecallnewsom.com/js/	7 KB 2 KB	680ms 93ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/mailcheck.min.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 65b96b82ce97c8b715b896a4450c5a3e8b979f22da85c9d9558db96788f603ea Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:36 GMT Server Apache ETag "1a04-5c7937e431a00-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 1959
GET H/1.1	200 OK	tinylogo_2021.png www.larryelderrecallnewsom.com/images/	3 KB 3 KB	283ms 94ms	Image image/png	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.larryelderrecallnewsom.com/images/tinylogo_2021.png Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 2174ad253fdf6f6300889e104877a9de91d9b1fab9fcc2a1666286b46780ea08 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Last-Modified Thu, 29 Jul 2021 11:47:08 GMT Server Apache ETag "c35-5c841a9a2c700" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 3125
GET H/1.1	200 OK	spacer.png www.larryelderrecallnewsom.com/images/	932 B 1 KB	282ms 94ms	Image image/png	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.larryelderrecallnewsom.com/images/spacer.png Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 2bf2750b21c7d1558271e17c2e034707de23e4a79220015ac3bdf0b564df4105 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Last-Modified Tue, 20 Jul 2021 19:59:34 GMT Server Apache ETag "3a4-5c7937e249580" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 932
GET H/1.1	200 OK	mobile.jpg www.larryelderrecallnewsom.com/images/	414 KB 414 KB	284ms 96ms	Image image/jpeg	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.larryelderrecallnewsom.com/images/mobile.jpg?v=1 Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 1c30e44e38535c78e619cc7dd461d5e519dd111f3e830d01b043dc8dac734120 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Last-Modified Fri, 30 Jul 2021 23:45:01 GMT Server Apache ETag "67625-5c85fced3f940" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 423461
GET H/1.1	200 OK	logo.png www.larryelderrecallnewsom.com/images/	34 KB 35 KB	287ms 96ms	Image image/png	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.larryelderrecallnewsom.com/images/logo.png?v=1 Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 9ac869c569fbb2e0a662ca30c6f993f76dc6bd40f0ab3946e54288c373dd19d2 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Last-Modified Thu, 29 Jul 2021 01:44:00 GMT Server Apache ETag "896b-5c8393ca9b800" Content-Type image/png Connection close Accept-Ranges bytes Content-Length 35179
GET H/1.1	200 OK	checkemail.js Show response www.larryelderrecallnewsom.com/js/	743 B 569 B	280ms 95ms	Script application/javascript	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://www.larryelderrecallnewsom.com/js/checkemail.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash 7679639865a7c7acddc5e81a7542abeccb9e725883d2e849215ab40b2f6e59d4 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:07 GMT Content-Encoding gzip Last-Modified Tue, 20 Jul 2021 19:59:35 GMT Server Apache ETag "2e7-5c7937e33d7c0-gzip" Vary Accept-Encoding Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 272
GET H2	200	gtm.js Show response www.googletagmanager.com/	96 KB 38 KB	200ms 73ms	Script application/javascript	142.250.74.104 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-W279GJC Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.104 , United States, ASN15169 (GOOGLE, US), Reverse DNS arn11s10-in-f8.1e100.net Software Google Tag Manager / Resource Hash 9c71e986b76048ad5ef072bcb37da1e9b257752e3532822ae40f06bb40ba3f69 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 09 Sep 2021 21:37:07 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 38639 x-xss-protection 0 last-modified Thu, 09 Sep 2021 21:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 09 Sep 2021 21:37:07 GMT
GET H2	200	TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 fonts.gstatic.com/s/oswald/v40/	16 KB 16 KB	169ms 49ms	Font font/woff2	142.250.74.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oswald/v40/TK3_WkUHHAIjg75cFRf3bXL8LICs1xZosUZiZQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oswald:700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.74.67 , United States, ASN15169 (GOOGLE, US), Reverse DNS arn09s23-in-f3.1e100.net Software sffe / Resource Hash 5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 04 Sep 2021 07:14:26 GMT x-content-type-options nosniff age 483761 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16364 x-xss-protection 0 last-modified Tue, 10 Aug 2021 00:16:56 GMT server sffe content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 04 Sep 2022 07:14:26 GMT
GET H/1.1	200 OK	/ Show response secure.campaignsolutions.com/PetitionFactory/petitions_find/	0 415 B	942ms 123ms	XHR text/html	64.203.108.77 SMARTECHCORP
General Check archive.org Show headers Download Go to Full URL https://secure.campaignsolutions.com/PetitionFactory/petitions_find/ Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/js/jquery.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 64.203.108.77 , United States, ASN25817 (SMARTECHCORP, US), Reverse DNS Software Microsoft-IIS/8.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://www.larryelderrecallnewsom.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:08 GMT Server Microsoft-IIS/8.0 X-AspNet-Version 4.0.30319 Access-Control-Allow-Methods GET,OPTIONS,POST Content-Type text/html Access-Control-Allow-Origin https://www.larryelderrecallnewsom.com Cache-Control private Access-Control-Allow-Credentials true Access-Control-Allow-Headers Origin, X-Requested-With, Content-Type, Accept Content-Length 0
GET H/1.1	200 OK	desktop.jpg www.larryelderrecallnewsom.com/images/	140 KB 140 KB	367ms 140ms	Image image/jpeg	40.123.53.189 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://www.larryelderrecallnewsom.com/images/desktop.jpg?v=1 Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 40.123.53.189 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS campsolazwww2.eastus2.cloudapp.azure.com Software Apache / Resource Hash c5825e157a277396f5118917232471c0f19b106083dc0458e59e999da191074f Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.larryelderrecallnewsom.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://www.larryelderrecallnewsom.com/getgavinout.php Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/getgavinout.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Thu, 09 Sep 2021 21:37:08 GMT Last-Modified Fri, 30 Jul 2021 23:33:28 GMT Server Apache ETag "2310a-5c85fa585a200" Content-Type image/jpeg Connection close Accept-Ranges bytes Content-Length 143626
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/Fr2ku5cFEQ14GA4GXN28TVusX2ySxT8r/	348 KB 63 KB	780ms 658ms	Script text/javascript	99.86.244.81 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/Fr2ku5cFEQ14GA4GXN28TVusX2ySxT8r/analytics.min.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.244.81 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-244-81.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash 24bcf8d331c676a9ae6a0664926e0061fb9d48de388f2d48b3f087262b8f5f12 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-amz-version-id 1h1VNO4.SKYUM6msHMdCwRkmpX25caJB content-encoding gzip etag W/"d6da636e7854d27b78503215bd3da159" x-amz-cf-pop VIE50-C1 x-cache RefreshHit from cloudfront x-amz-replication-status COMPLETED access-control-allow-origin * last-modified Tue, 31 Aug 2021 02:22:10 GMT server AmazonS3 date Thu, 09 Sep 2021 21:37:10 GMT access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 via 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront) cache-control public, max-age=120 x-amz-cf-id 6j7wS4YD1rX05_gKfqMXCsgAyeAmDsNV4fa-oqX3w25S2vN5ahRvRQ==
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	99 KB 26 KB	112ms 14ms	Script application/x-javascript	185.60.216.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frx5.fbcdn.net Software / Resource Hash 335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 25999 x-xss-protection 0 pragma private x-fb-debug Gm9r6C0UKXvPq16GJum72C/UF/VWfpuT3OCXJdteH5fV6A2M5wqfDKFO8o9dqEKyrM/0db1Y8O/+RjYd3QmG9w== x-fb-trip-id 917726464 x-frame-options DENY date Thu, 09 Sep 2021 21:37:08 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cache-control private x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	861655184753925 Show response connect.facebook.net/signals/config/	306 KB 88 KB	149ms 149ms	Script application/x-javascript	185.60.216.19 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/861655184753925?v=2.9.45&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS xx-fbcdn-shv-01-frx5.fbcdn.net Software / Resource Hash 15a34e15cdf42e8f197b32b36b7e84c5fa82a58d06f83d845a52eea4beb4073f Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 x-xss-protection 0 pragma public x-fb-debug XgpqIMfOvJd770nr/r09AsKvRGBU1xArIGC3meuDSX+x4DN+dW4lkKT6x1cI/49IfTXmhmunIymNFYVg7bXYlg== x-fb-trip-id 917726464 x-frame-options DENY cross-origin-opener-policy same-origin-allow-popups cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Thu, 09 Sep 2021 21:37:08 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	44 B 427 B	35ms 8ms	Image image/gif	185.60.216.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=861655184753925&ev=PageView&dl=https%3A%2F%2Fwww.larryelderrecallnewsom.com%2Fgetgavinout.php&rl=&if=false&ts=1631223428996&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631223428995.1181330955&it=1631223428733&coo=false&exp=p0&rqm=GET Requested by Host: www.larryelderrecallnewsom.com URL: https://www.larryelderrecallnewsom.com/getgavinout.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frx5.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 09 Sep 2021 21:37:09 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 44 expires Thu, 09 Sep 2021 21:37:09 GMT
POST H2	200	p Show response api.segment.io/v1/	21 B 153 B	592ms 165ms	XHR application/json	54.190.208.247 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/Fr2ku5cFEQ14GA4GXN28TVusX2ySxT8r/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.190.208.247 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-190-208-247.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Request headers Referer https://www.larryelderrecallnewsom.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.larryelderrecallnewsom.com date Thu, 09 Sep 2021 21:37:09 GMT content-length 21 vary Origin content-type application/json
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	15ms 7ms	Image image/gif	185.60.216.35 FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=861655184753925&ev=Microdata&dl=https%3A%2F%2Fwww.larryelderrecallnewsom.com%2Fgetgavinout.php&rl=&if=false&ts=1631223429499&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Larry%20Elder%20Recall%20Newsom%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.larryelderrecallnewsom.com%2F%22%2C%22og%3Atitle%22%3A%22Larry%20Elder%20Recall%20Newsom%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Asite_name%22%3A%22Larry%20Elder%20Recall%20Newsom%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.larryelderrecallnewsom.com%2Fimages%2Ffb21.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22628%22%2C%22og%3Adescription%22%3A%22Join%20Larry%20today%20in%20his%20fight%20for%20change!%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631223428995.1181330955&it=1631223428733&coo=false&es=automatic&tm=3&exp=p0&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS edge-star-mini-shv-01-frx5.facebook.com Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.larryelderrecallnewsom.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Thu, 09 Sep 2021 21:37:09 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Thu, 09 Sep 2021 21:37:09 GMT

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery object| jQuery111005269201146924263 object| Mailcheck function| Getcookie function| Forgetcookie function| Setcookie function| nobots object| dataLayer object| google_tag_manager object| google_tag_data object| analytics function| fbq function| _fbq function| normalize

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.larryelderrecallnewsom.com/	1970-01-19 23:16:39	Name: _gcl_au Value: 1.1.1993357757.1631223429
			.larryelderrecallnewsom.com/	1970-01-19 23:16:39	Name: _fbp Value: fb.1.1631223428995.1181330955
			.facebook.com/	1970-01-19 23:16:39	Name: fr Value: 0vqxNbTLpefFK43dk..BhOn6F...1.0.BhOn6F.
			.larryelderrecallnewsom.com/	1970-01-20 05:52:39	Name: ajs_anonymous_id Value: %22ebea0ac8-aee8-4a0c-acd7-85bf19380e6e%22

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
cdn.segment.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
secure.campaignsolutions.com
www.facebook.com
www.googletagmanager.com
www.larryelderrecallnewsom.com
104.18.10.207
142.250.74.10
142.250.74.104
142.250.74.67
185.60.216.19
185.60.216.35
40.123.53.189
54.190.208.247
64.203.108.77
99.86.244.81
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15a34e15cdf42e8f197b32b36b7e84c5fa82a58d06f83d845a52eea4beb4073f
1c30e44e38535c78e619cc7dd461d5e519dd111f3e830d01b043dc8dac734120
1d05b65fe018b033643449c09121df2d26dd5ea4bf41dc5ce69a065ee5487974
2174ad253fdf6f6300889e104877a9de91d9b1fab9fcc2a1666286b46780ea08
24bcf8d331c676a9ae6a0664926e0061fb9d48de388f2d48b3f087262b8f5f12
2bf2750b21c7d1558271e17c2e034707de23e4a79220015ac3bdf0b564df4105
2e945ebcd9b955e7c543ba4ad41e8f7779a077b482a0207db74bd6ded2021d17
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
47c24f6f0d8837c674f451716052362e3d64255811ff237d8446edeb23693a5a
4d2f8e93a72b351e2a74a613e93e63c0c1e3b0f742cdb83b7664f4796092376d
5eb3ad1dc64d18b21f026e0b6c3bd3535da6c8f0e4fe3f63f60503508baef2aa
5eb93c214c248962fe9233316002fc8e76c45f8551354f25191d6b6399eedf7c
64c16189edc30b26fbfec45575c30a42aa254a6c403be31338050ece86276d3c
65b96b82ce97c8b715b896a4450c5a3e8b979f22da85c9d9558db96788f603ea
7679639865a7c7acddc5e81a7542abeccb9e725883d2e849215ab40b2f6e59d4
80d9df6a033c91c176960af80250168863680188e01dbdca5b7c53256e5ad769
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7
9ac869c569fbb2e0a662ca30c6f993f76dc6bd40f0ab3946e54288c373dd19d2
9c71e986b76048ad5ef072bcb37da1e9b257752e3532822ae40f06bb40ba3f69
a4fdee53682683f8513c3557b882a20e309efd3b0f5e6347fe9c29382f831ff0
c5825e157a277396f5118917232471c0f19b106083dc0458e59e999da191074f
c6ac18bd7f3447f32c0a172ff6322ad05a67fa020d3f51dc4a7c2ceb6c56d2f5
c9e55dac2471f48680fde75b84e5738ac3e321e6712babac1c4fce04fbcd2afc
db3a06cd1c72b13f0bc16cc07f28e4781579ed70e8ca846c2a37a30315b90e14
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c