contribute.nrcc.org Open in urlscan Pro
35.203.178.34 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://email.dailywire.com/e2t/tc/VWx-VR31GnDdW8TMb8D3CXq-FW11fj5c49N5D8N8wLL5Q3p_97V1-WJV7CgWmGW8Scg8v7hsyt9W1VqfZ_4SmsHvW...
Effective URL:
https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz...
Submission: On June 03 via api (June 3rd 2020, 11:57:37 am UTC) from CA

Summary HTTP 50 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 17 IPs in 7 countries across 18 domains to perform 50 HTTP transactions. The main IP is 35.203.178.34, located in Mountain View, United States and belongs to GOOGLE, US. The main domain is contribute.nrcc.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 1st 2020. Valid for: 3 months.

This is the only time contribute.nrcc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700::68... 2606:4700::6811:72b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	35.203.178.34 35.203.178.34	15169 (GOOGLE) (GOOGLE)
8	2600:9000:219... 2600:9000:2190:1400:14:71e7:1f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2.23.35.58 2.23.35.58	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.216.176.21 52.216.176.21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:800::2008	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81f::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f04... 2a03:2880:f046:f:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
4	2a03:2880:f14... 2a03:2880:f146:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
50	17

1 2606:4700::6811:72b4 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

email.dailywire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.203.178.34 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 34.178.203.35.bc.googleusercontent.com

contribute.nrcc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2190:1400:14:71e7:1f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure.victorypassport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.35.58 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-35-58.deploy.static.akamaitechnologies.com

c.betrad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.176.21 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f046:f:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Switzerland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f146:82:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	nrcc.org 1 redirects contribute.nrcc.org	149 KB
8	victorypassport.com secure.victorypassport.com	20 KB
4	facebook.com www.facebook.com	428 B
4	google.de www.google.de	427 B
4	google.com 1 redirects www.google.com	539 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
3	facebook.net connect.facebook.net	289 KB
3	googletagmanager.com www.googletagmanager.com	104 KB
2	yimg.com s.yimg.com	6 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	amazonaws.com s3.amazonaws.com	91 KB
1	twitter.com analytics.twitter.com	651 B
1	yahoo.com sp.analytics.yahoo.com	529 B
1	t.co t.co	449 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	11 KB
1	betrad.com c.betrad.com	907 B
1	dailywire.com 1 redirects email.dailywire.com	930 B
50	18

	Domain	Requested by
12	contribute.nrcc.org	1 redirects contribute.nrcc.org
8	secure.victorypassport.com	contribute.nrcc.org secure.victorypassport.com
4	www.facebook.com	contribute.nrcc.org connect.facebook.net
4	www.google.de	contribute.nrcc.org
4	www.google.com	1 redirects contribute.nrcc.org
3	googleads.g.doubleclick.net	www.googleadservices.com
3	connect.facebook.net	contribute.nrcc.org connect.facebook.net
3	www.googletagmanager.com	secure.victorypassport.com www.googletagmanager.com
2	s.yimg.com	contribute.nrcc.org s.yimg.com
2	www.google-analytics.com	1 redirects secure.victorypassport.com
2	s3.amazonaws.com	contribute.nrcc.org
1	analytics.twitter.com	static.ads-twitter.com
1	sp.analytics.yahoo.com	s.yimg.com
1	t.co	contribute.nrcc.org
1	static.ads-twitter.com	contribute.nrcc.org
1	www.googleadservices.com	www.googletagmanager.com
1	stats.g.doubleclick.net	1 redirects
1	c.betrad.com	contribute.nrcc.org
1	email.dailywire.com	1 redirects
50	19

This site contains links to these domains. Also see Links.

Domain
www.nrcc.org
info.evidon.com

Subject Issuer	Validity	Valid
contribute.nrcc.org Let's Encrypt Authority X3	`2020-06-01` - `2020-08-30`	3 months	crt.sh
*.victorypassport.com Amazon	`2020-01-20` - `2021-02-20`	a year	crt.sh
*.betrad.com DigiCert SHA2 Secure Server CA	`2020-04-29` - `2021-07-29`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-05-14` - `2020-08-05`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-05-19` - `2020-07-03`	a month	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-05-20` - `2020-08-12`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-05-05` - `2020-07-28`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-04` - `2020-08-31`	6 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Frame ID: EF71B8478A0A7E7A2B3156E1378C92C7
Requests: 49 HTTP requests in this frame

Frame: https://secure.victorypassport.com/pages/nrcc/retake-the-house-home-page?location=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house&location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j
Frame ID: 2976A3405A61580020E29857704E53B0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://email.dailywire.com/e2t/tc/VWx-VR31GnDdW8TMb8D3CXq-FW11fj5c49N5D8N8wLL5Q3p_97V1-WJV7CgWmGW8Scg8v... HTTP 307
http://contribute.nrcc.org/defend-majority?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710... HTTP 301
https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=887... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

50
Requests

100 %
HTTPS

58 %
IPv6

18
Domains

19
Subdomains

17
IPs

7
Countries

697 kB
Transfer

2156 kB
Size

12
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nrcc.org/
Title: NRCC.org

Search URL Search Domain Scan URL

URL: https://www.nrcc.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://info.evidon.com/pub_info/6672?v=1&nt=0&nw=false
Title: AdChoices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://email.dailywire.com/e2t/tc/VWx-VR31GnDdW8TMb8D3CXq-FW11fj5c49N5D8N8wLL5Q3p_97V1-WJV7CgWmGW8Scg8v7hsyt9W1VqfZ_4SmsHvW1YT8HW3wzf_sW6SFJ8T12NCllW6zBRZK48Y9MjW8R0Rxb3Sn3zgW3TvqJ42WxLdXW7KdvX478fFcbW1nm6CW8QBxnJW37C09P4JYgdbW6QD_Z67gy8-GVQqvXb7jpZV3W3-hZYS2F9d9WN49qx0wb5HDDW7l5B_L5rfVZ7W824vk28yFHCyW4LtlBR5vwQ-xW8cKkt76fdCSLW7mrV942CD7hYW85gdRS2BWTKFW66dZPm1TzQnwW8vY-MZ87VK9yW4wMDNs8YMY_xW13rSw01RsfFG3q151 HTTP 307
http://contribute.nrcc.org/defend-majority?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation HTTP 301
https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1308704425&t=pageview&_s=1&dl=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&ul=en-us&de=UTF-8&dt=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1747279258&gjid=833058351&cid=2145761429.1591185438&tid=UA-15267911-1&_gid=1698119961.1591185438&_r=1&z=454196853 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_gid=1698119961.1591185438&gjid=833058351&_v=j82&z=454196853 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_v=j82&z=454196853 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_v=j82&z=454196853&slf_rd=1&random=2225895115

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
contribute.nrcc.org/retake-the-house/
Redirect Chain

https://email.dailywire.com/e2t/tc/VWx-VR31GnDdW8TMb8D3CXq-FW11fj5c49N5D8N8wLL5Q3p_97V1-WJV7CgWmGW8Scg8v7hsyt9W1VqfZ_4SmsHvW1YT8HW3wzf_sW6SFJ8T12NCllW6zBRZK48Y9MjW8R0Rxb3Sn3zgW3TvqJ42WxLdXW7KdvX478...
http://contribute.nrcc.org/defend-majority?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsil...
https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISM...

8 KB
3 KB

734ms
353ms

Document
text/html

35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx / WP Engine
Resource Hash: 9cf15521852d966402fe6163c6e669ebed0e0938fcbbe7e75b9af1e5cb8eb921

Request headers

:method: GET
:authority: contribute.nrcc.org
:scheme: https
:path: /retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
server: nginx
date: Wed, 03 Jun 2020 11:57:14 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link: <https://contribute.nrcc.org/wp-json/>; rel="https://api.w.org/" <https://contribute.nrcc.org/?p=8038>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: HIT: 12
x-cache-group: normal
content-encoding: br

Redirect headers

Server: nginx
Date: Wed, 03 Jun 2020 11:57:14 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation

GET
H2 200 style.min.css
contribute.nrcc.org/wp-includes/css/dist/block-library/ 52 KB
8 KB 196ms
194ms Stylesheet
text/css 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-includes/css/dist/block-library/style.min.css?ver=5.4.1
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 24 Apr 2020 15:32:14 GMT
server: nginx
status: 200
etag: W/"5ea3067e-d159"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fp1-public.css
contribute.nrcc.org/wp-content/plugins/fp1/public/css/ 2 KB
847 B 200ms
198ms Stylesheet
text/css 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-content/plugins/fp1/public/css/fp1-public.css?ver=1.0.0
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a72dc9639c15c632c43ece0195a3485116a068b90d29fe97dee20953374e4fab

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 20:01:12 GMT
server: nginx
status: 200
etag: W/"5d0d3788-712"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 style.css
contribute.nrcc.org/wp-content/themes/contrib-nrcc/ 191 KB
26 KB 355ms
353ms Stylesheet
text/css 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-content/themes/contrib-nrcc/style.css?ver=5.4.1
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8248dd0ae690448742082605040ac798aba08279129577c6c22a9f1d78e18c22

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 18 Jan 2019 20:16:49 GMT
server: nginx
status: 200
etag: W/"5c423431-2fad0"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jigsaw.css
secure.victorypassport.com/styles/ 1 KB
1 KB 434ms
387ms Stylesheet
text/css 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/styles/jigsaw.css?ver=5.4.1

Requested by

Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

88562e7f47e52a094c36f14d04affd62b2fc67140140a8802fb733b2ba05df88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-powered-by: Phusion Passenger 6.0.4
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 595
x-xss-protection: 1; mode=block
x-request-id: d0e69dca-0bb8-43e6-a522-4d7d7aac5eb5
x-runtime: 0.009107
server: nginx/1.18.0 + Phusion Passenger 6.0.4
etag: W/"95d2ebdaa3cdb4eff7d481c259d9965f"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: pZA2xhkNcN4vLrZwoR-hiey1JH2kEGse5Nj0o4FtDhpYVVWlxxvHyg==

GET
H2 200 jquery.js Show response
contribute.nrcc.org/wp-includes/js/jquery/ 95 KB
34 KB 425ms
424ms Script
application/javascript 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: nginx
status: 200
etag: W/"5cde37d2-17a69"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery-migrate.min.js Show response
contribute.nrcc.org/wp-includes/js/jquery/ 10 KB
4 KB 517ms
515ms Script
application/javascript 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 20 May 2016 06:11:28 GMT
server: nginx
status: 200
etag: W/"573eaa90-2748"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 fp1-public.js Show response
contribute.nrcc.org/wp-content/plugins/fp1/public/js/ 617 B
609 B 517ms
516ms Script
application/javascript 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-content/plugins/fp1/public/js/fp1-public.js?ver=1.0.0
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: cce8f3dc35444e5fec50a45ac5767a963c6907fe6b5e479c1c551776760fc2d2

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 20:01:12 GMT
server: nginx
status: 200
etag: W/"5d0d3788-269"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 NRCC-logo-white-8.png
contribute.nrcc.org/wp-content/themes/contrib-nrcc/images/ 64 KB
64 KB 213ms
212ms Image
image/png 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://contribute.nrcc.org/wp-content/themes/contrib-nrcc/images/NRCC-logo-white-8.png
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3ddfef72bf68b6192f988b75cba79aeb85eb9981cccdea9a068cf1a4ff7000d0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
last-modified: Fri, 18 Jan 2019 20:13:59 GMT
server: nginx
status: 200
etag: "5c423387-1008c"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 65676

GET
H2 200 jigsaw_initial Show response
secure.victorypassport.com/scripts/ 813 B
1 KB 372ms
372ms Script
text/javascript 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/scripts/jigsaw_initial

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-powered-by: Phusion Passenger 6.0.4
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 389
x-xss-protection: 1; mode=block
x-request-id: 1f93b19e-88a3-4db6-9a3b-f7d1851e9ddf
x-runtime: 0.005159
server: nginx/1.18.0 + Phusion Passenger 6.0.4
x-frame-options: SAMEORIGIN
etag: W/"9a95a26d3ddf3552a8232e66f655e93c"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: tH4NocNX-tHXQvXLcCIy8cw1Wew7SYepOlNJSa6xb2AfQXIz0eZQAw==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H/1.1 200
OK icon1.png
c.betrad.com/pub/ 600 B
907 B 175ms
57ms Image
image/png 2.23.35.58
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.betrad.com/pub/icon1.png
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.23.35.58 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-35-58.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 11:57:15 GMT
Last-Modified: Thu, 02 Jun 2011 18:30:38 GMT
Server: AkamaiNetStorage
ETag: "d08da9f445b63100a56646de99043059:1307039438"
Content-Type: image/png
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 600

GET
H2 200 revv.js Show response
contribute.nrcc.org/wp-content/plugins/fp1/public/js/ 3 KB
1 KB 191ms
191ms Script
application/javascript 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-content/plugins/fp1/public/js/revv.js
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5072e60a58e09392f3f0b291e4875d14dbd4848847e30ee4858642b7df606f2d

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Fri, 21 Jun 2019 20:01:12 GMT
server: nginx
status: 200
etag: W/"5d0d3788-dfa"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
contribute.nrcc.org/wp-includes/js/ 1 KB
951 B 193ms
192ms Script
application/javascript 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-includes/js/wp-embed.min.js?ver=5.4.1
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
server: nginx
status: 200
etag: W/"5db39083-59a"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-emoji-release.min.js Show response
contribute.nrcc.org/wp-includes/js/ 14 KB
5 KB 354ms
353ms Script
application/javascript 35.203.178.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://contribute.nrcc.org/wp-includes/js/wp-emoji-release.min.js?ver=5.4.1
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.203.178.34 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 34.178.203.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:15 GMT
content-encoding: br
last-modified: Tue, 05 Nov 2019 22:04:02 GMT
server: nginx
status: 200
etag: W/"5dc1f1d2-364d"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H/1.1 200
OK c60a4bff-f71f-4e30-b982-f4223252ef69.jpg
s3.amazonaws.com/mystique.victorypassport.com/donation_page/1868/page_background_image/ 79 KB
79 KB 636ms
206ms Image
image/jpeg 52.216.176.21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mystique.victorypassport.com/donation_page/1868/page_background_image/c60a4bff-f71f-4e30-b982-f4223252ef69.jpg
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.176.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 77832ebd523990194d2612758cfea71f41cabb30ec24ce447790447a78295e1c

Request headers

Referer: https://secure.victorypassport.com/styles/jigsaw.css?ver=5.4.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 03 Jun 2020 11:57:17 GMT
Last-Modified: Tue, 08 Jan 2019 04:29:53 GMT
Server: AmazonS3
x-amz-request-id: 8E0AB03BED11308D
ETag: "4614023de35a1483af6e1fc1244e352a"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 80929
x-amz-id-2: enp8XVwl3rhob28XFkXFhfT1OGKgs6/XH6OmwZxd7d1tJ1XJK8zFem/rlgrX3MX69It8tLndvmI=
Expires: Tue, 15 Jan 2019 03:24:54 GMT

GET
H2 200 jigsaw.css
secure.victorypassport.com/styles/ 1 KB
1 KB 375ms
374ms Stylesheet
text/css 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/styles/jigsaw.css?location_url=https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

88562e7f47e52a094c36f14d04affd62b2fc67140140a8802fb733b2ba05df88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-powered-by: Phusion Passenger 6.0.4
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 595
x-xss-protection: 1; mode=block
x-request-id: 1026a906-63a8-48e4-884b-978ac780790b
x-runtime: 0.009095
server: nginx/1.18.0 + Phusion Passenger 6.0.4
etag: W/"95d2ebdaa3cdb4eff7d481c259d9965f"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: 6Y7ETvU7s1A_3yLCIKOPq90JglhDUZYzrJU7WBGHoYFKvrag4iLXfg==

GET
H2 200 jigsaw Show response
secure.victorypassport.com/scripts/ 2 KB
2 KB 382ms
381ms Script
text/javascript 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

e37b816e9d934bf50fb96a62f378a24248728d02162f21b97cd631f852d5831d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: ZRH50-C1
x-powered-by: Phusion Passenger 6.0.4
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 1083
x-xss-protection: 1; mode=block
x-request-id: 58357186-db58-4af0-9655-392ce1583366
x-runtime: 0.009541
server: nginx/1.18.0 + Phusion Passenger 6.0.4
x-frame-options: SAMEORIGIN
etag: W/"4997be41dfbccb933935654f1853542d"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: BN9plPRgqHaBSYF8b1aH99Fbi1_wcqltj8q9spM6VY_0lIdBF4DkXA==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 retake-the-house-home-page
secure.victorypassport.com/pages/nrcc/ Frame 2976 0
0 407ms
407ms Document
text/html 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/pages/nrcc/retake-the-house-home-page?location=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house&location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.18.0 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.victorypassport.com
:scheme: https
:path: /pages/nrcc/retake-the-house-home-page?location=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house&location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation

Response headers

status: 200 200 OK
content-type: text/html; charset=utf-8
content-length: 7857
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
date: Wed, 03 Jun 2020 11:57:16 GMT
etag: W/"cf8b11d09643da99480b6c1afb69f144"
server: nginx/1.18.0 + Phusion Passenger 6.0.4
set-cookie: _mystique_session=aEs5bGRtVWFkRGVWTk9mMEJ4RTMwWnVnVEUrcTZNUzAxcFN5VFJMb0xLUGVKOWxHcGsvM2xla1BjaGFXYk1Qc0tOaHZ2ZGFtZkEwWTY4RE5LbVlsdExSZ1hwdzZ2eE1rM1ZBRUhENEw3cnZodThhcEE5MHU2bFVKU3BlMm40QWg1RjA2WStERWdSYllxNEhHc2htSDRRPT0tLXBwS2UwQUJaYStKS29XLzFWNEQ3UEE9PQ%3D%3D--1344647c4623ca4d44840ea2b3679e037936fb03; path=/; expires=Thu, 03 Jun 2021 17:57:16 -0000; secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.4
x-request-id: 8d5307f3-dff8-48fc-b429-3e2a33bba00e
x-runtime: 0.035391
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: fDsMEHcTHqEO9uAUK6rX3hQGSERKvbcUPSgtYH5luM1lOIcbhfI05w==

GET
H2 200 application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
secure.victorypassport.com/assets/jackal/ 20 KB
5 KB 388ms
387ms Stylesheet
text/css 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Requested by: Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:16 GMT
content-encoding: gzip
last-modified: Wed, 06 May 2020 17:45:21 GMT
server: nginx/1.18.0
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: text/css
status: 200
cache-control: max-age=315360000, public
content-length: 4419
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-id: XsTcgthvWgcgmCHf1iGurDa7PxY5wXLLCwJZ7dm1YYpwlvGMM55x3g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js Show response
secure.victorypassport.com/assets/jackal/ 42 KB
10 KB 387ms
386ms Script
application/x-javascript 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Requested by: Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9jb250cmlidXRlLm5yY2Mub3JnL3JldGFrZS10aGUtaG91c2UvP3V0bV9jYW1wYWlnbj1EZWRpY2F0ZWQlMjBSZW50YWwmdXRtX21lZGl1bT1lbWFpbCZfaHNtaT04ODcxMDM3NSZfaHNlbmM9cDJBTnF0ei1fdEl0LVBjLVcwZnZxSEpyOFZlZ0lKZVNfQVAzSS1OWWpUdmxlajlMdnp2SEk4MDZRRFZOdlNrNnRwQVJpQ1g1R0xDWi1JU01zaWxFSjlnQW4zY3NSX1lDYnNFTnRaY0VqQy12aG9teE5Kd3MtM09EUSZ1dG1fY29udGVudD04ODcxMDM3NSZ1dG1fc291cmNlPWhzX2F1dG9tYXRpb24j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:16 GMT
content-encoding: gzip
last-modified: Wed, 06 May 2020 17:46:47 GMT
server: nginx/1.18.0
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=315360000, public
content-length: 9742
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
x-amz-cf-id: 4YZshpC-hdG9Us7ihCO4eJ2gqYB52SEXDeQ8PvDMyYw77wLZuGby6g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
secure.victorypassport.com/assets/ 444 B
816 B 13ms
12ms Image
image/jpeg 2600:9000:2190:1400:14:71e7:1f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.victorypassport.com/assets/circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2190:1400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c

Request headers

Referer: https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 22 Mar 2020 21:08:38 GMT
via: 1.1 eb7b239aed47669f8a7b6ac95bc8aff1.cloudfront.net (CloudFront)
last-modified: Fri, 22 Nov 2019 15:42:01 GMT
server: nginx/1.12.1
age: 6274118
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 444
x-amz-cf-id: 18MTwSvI6RM_RtjrN1EH7Tv_lGVMxCKfHGKYrUNFLOpQu9aDeI3Y_A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
39 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65b31dc4689c6a0db8faf1e0fde54b82d56eb32201a20f2405ea1226e512f354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39547
x-xss-protection: 0
last-modified: Wed, 03 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jun 2020 11:57:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 3658
date: Wed, 03 Jun 2020 10:56:19 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 03 Jun 2020 12:56:19 GMT

GET
H/1.1 200
OK VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ 11 KB
11 KB 605ms
226ms Font
application/octet-stream 52.216.176.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.victorypassport.com/fonts/VictoryPassport.ttf
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.176.21 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Origin: https://contribute.nrcc.org

Response headers

Date: Wed, 03 Jun 2020 11:57:19 GMT
Last-Modified: Wed, 01 Jul 2015 02:35:45 GMT
Server: AmazonS3
x-amz-request-id: 5F2334A9EB83B9F3
ETag: "7d80bd6dc0d2e81dc2274a2b29799949"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 10804
x-amz-id-2: +YUl5vQJY3zlc2X56tepL+ciOyHc7xKU0HnXr9LdZ4JQjc0I+H20lQTU7MFTzFOwPVy3pTtqVzo=

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=1308704425&t=pageview&_s=1&dl=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Dem...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_gid=1698119961.1591185438&gjid=833058351&_v=j82&z=454196853
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_v=j82&z=454196853
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_v=j82&z=454196853&slf_rd=1&random=2225895115

42 B
106 B

24ms
24ms

Image
image/gif

2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_v=j82&z=454196853&slf_rd=1&random=2225895115

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:17 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15267911-1&cid=2145761429.1591185438&jid=1747279258&_v=j82&z=454196853&slf_rd=1&random=2225895115
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
32 KB 20ms
19ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9232116

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

464eb94292358cc9ef4d24d49328fd309d385d9e8d4db79cce80887f85f8dc81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33160
x-xss-protection: 0
last-modified: Wed, 03 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jun 2020 11:57:17 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 28 KB
11 KB 63ms
61ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10884
x-xss-protection: 0
server: cafe
etag: 10406653800972162523
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 03 Jun 2020 11:57:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 71ms
32ms Script
application/x-javascript 2a03:2880:f046:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: hbnetSUp8ju+qX4rlhNF+aemz7D3LV6M5+hzZKzbO1lfvWo0cW6t/V0baFjvwlv7AyGZw0738NeJMVo2i27dXw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 03 Jun 2020 11:57:17 GMT, Wed, 03 Jun 2020 11:57:17 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 14 KB
6 KB 58ms
17ms Script
application/javascript 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1543
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: D63B53F74401E4DF
x-amz-id-2: bsQe4nj6J3H8rjTthpAPh2VUfPRXYJ/tzMvzaQoOwHBj+3kfdjjn08CqajkghMtr7/Vw5q2RIyw=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 23 May 2021 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 17 Apr 2020 10:13:12 GMT
server: ATS
etag: "262ad28777cd04301eaf1ed832269103-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: .3pslEVav9FDmkNX3peqHq9djDal2LXy
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 5398
content-type: application/javascript

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 167ms
54ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: contribute.nrcc.org
URL: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:18 GMT
content-encoding: gzip
age: 51942
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4077-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1591185438.066771,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 83 KB
33 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-815133722&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-9232116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7e614b335d3efcc458cd8e028f92401d5d376006a5f3af9a25d10305ebbc3e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:17 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33214
x-xss-protection: 0
last-modified: Wed, 03 Jun 2020 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 Jun 2020 11:57:17 GMT

GET
H2 200 10057379.json Show response
s.yimg.com/wi/config/ 2 B
493 B 154ms
117ms XHR
application/json 2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10057379.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: BA4C8200E187A176
x-amz-id-2: ufDLAEw2L8YF1cwVlZEwZrvhsQPbmeNYT/tPs+XZU9vgpDbIFA0Ai0d8KcWAUisyBB6iZkZ677Y=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 22

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/762936632/ 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/762936632/?random=1591185437994&cv=9&fst=1591185437994&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

645d0615c9174f858a401d937a470523afa4f39a6c183e87e1fbdba05e3ae70f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1591185437998&cv=9&fst=1591185437998&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7979dc82a46df78278c921bf54f2d7bd9d008c0db2d58887c59f4bd2cfaf5864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 3 KB
2 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1591185438017&cv=9&fst=1591185438017&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5k1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94365f4f713089726db7b1f7a773acdccd88d2913dc9d4f7b7b0348af00807dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25="googleads.g.doubleclick.net:443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/762936632/ 42 B
119 B 23ms
22ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/762936632/?random=1591185437994&cv=9&fst=1591182000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&async=1&fmt=3&is_vtc=1&random=2185919553&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/762936632/ 42 B
107 B 22ms
21ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/762936632/?random=1591185437994&cv=9&fst=1591182000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&async=1&fmt=3&is_vtc=1&random=2185919553&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/815133722/ 42 B
119 B 37ms
36ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/815133722/?random=1591185437998&cv=9&fst=1591182000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&async=1&fmt=3&is_vtc=1&random=2326302144&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/815133722/ 42 B
107 B 36ms
36ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/815133722/?random=1591185437998&cv=9&fst=1591182000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5k1&sendb=1&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&async=1&fmt=3&is_vtc=1&random=2326302144&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 298860036983510 Show response
connect.facebook.net/signals/config/ 516 KB
129 KB 142ms
142ms Script
application/x-javascript 2a03:2880:f046:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298860036983510?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c37d01822b154eefd053e50637a5954d1e7740db30a3c4ef081d9ec7cc038b2f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: Eo/TpgXcF2LbFWeZexwe4hEVydTEepIihuwp1P/P7HH4p/nSrvug3cWAKM6tq4Svv+fpZDV8mo1cW9YzFrkXHw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 03 Jun 2020 11:57:18 GMT, Wed, 03 Jun 2020 11:57:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/815133722/ 42 B
119 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/815133722/?random=1591185438017&cv=9&fst=1591182000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5k1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&async=1&fmt=3&is_vtc=1&random=3759575128&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/815133722/ 42 B
107 B 25ms
24ms Image
image/gif 2a00:1450:4001:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/815133722/?random=1591185438017&cv=9&fst=1591182000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa5k1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&tiba=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&async=1&fmt=3&is_vtc=1&random=3759575128&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 276ms
171ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1kfn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 118
pragma: no-cache
last-modified: Wed, 03 Jun 2020 11:57:18 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 9d1f488abef22a634351a63f9fcc07bb
x-transaction: 00db73050049007d
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
529 B 350ms
198ms Script
application/x-javascript 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Wed%2C%2003%20Jun%202020%2011%3A57%3A18%20GMT&n=-2d&b=Retake%20The%20House%20%7C%20Home%20Page%20-%20National%20Republican%20Congressional%20Committee&.yp=10057379&f=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 , Switzerland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:18 GMT
x-content-type-options: nosniff
age: 0
status: 200
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Wed, 03 Jun 2020 11:57:18 GMT

GET
H2 200 316720908987052 Show response
connect.facebook.net/signals/config/ 517 KB
129 KB 129ms
128ms Script
application/x-javascript 2a03:2880:f046:f:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316720908987052?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f046:f:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7528705aca97007678ee78c5c684994959710c4b7b8e9ed23e97123f85f40827

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: A0ygdCGzgM7XJa4hbcr2qBi9Hl47gnsqGzSzJFJmlsR0dpZCXsJl3fgChhntxPh+5O51Agyi50jU6nTbRx6EWw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 03 Jun 2020 11:57:18 GMT, Wed, 03 Jun 2020 11:57:18 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
212 B 33ms
32ms Image
image/gif 2a03:2880:f146:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298860036983510&ev=PageView&dl=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&rl=&if=false&ts=1591185438236&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591185438234.2098317870&it=1591185438032&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:18 GMT, Wed, 03 Jun 2020 11:57:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Jun 2020 11:57:18 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 32ms
31ms Image
image/gif 2a03:2880:f146:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316720908987052&ev=PageView&dl=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation&rl=&if=false&ts=1591185438405&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1591185438234.2098317870&it=1591185438032&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:18 GMT, Wed, 03 Jun 2020 11:57:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 03 Jun 2020 11:57:18 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
85 B 31ms
31ms Other
text/plain 2a03:2880:f146:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryMRpUn2UQJPJy2Min

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 03 Jun 2020 11:57:18 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://contribute.nrcc.org
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

POST
H2 200 /
www.facebook.com/tr/ 0
30 B 32ms
31ms Other
text/plain 2a03:2880:f146:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f146:82:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryowEXQKG6AZ38ftLO

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 03 Jun 2020 11:57:18 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://contribute.nrcc.org
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 263ms
163ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1kfn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fcontribute.nrcc.org%2Fretake-the-house%2F%3Futm_campaign%3DDedicated%2520Rental%26utm_medium%3Demail%26_hsmi%3D88710375%26_hsenc%3Dp2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ%26utm_content%3D88710375%26utm_source%3Dhs_automation

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://contribute.nrcc.org/retake-the-house/?utm_campaign=Dedicated%20Rental&utm_medium=email&_hsmi=88710375&_hsenc=p2ANqtz-_tIt-Pc-W0fvqHJr8VegIJeS_AP3I-NYjTvlej9LvzvHI806QDVNvSk6tpARiCX5GLCZ-ISMsilEJ9gAn3csR_YCbsENtZcEjC-vhomxNJws-3ODQ&utm_content=88710375&utm_source=hs_automation
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Jun 2020 11:57:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Wed, 03 Jun 2020 11:57:19 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: be8de8b3fb770b9ea47f5779fb15064e
x-transaction: 002f37ed0025888e
expires: Tue, 31 Mar 1981 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.victorypassport.com/	1970-01-19 12:09:21	Name: _fbp Value: fb.1.1591185438204.136319981
.victorypassport.com/	1970-01-19 09:59:45	Name: _gat_UA-10463545-10 Value: 1
.nrcc.org/	1970-01-19 12:09:21	Name: _fbp Value: fb.1.1591185438234.2098317870
.victorypassport.com/	1970-01-19 09:59:45	Name: _dc_gtm_UA-10463545-9 Value: 1
.nrcc.org/	1970-01-19 10:01:11	Name: _gid Value: GA1.2.1698119961.1591185438
.victorypassport.com/	1970-01-19 10:01:11	Name: _gid Value: GA1.2.1814012908.1591185438
secure.victorypassport.com/	1970-01-19 18:45:43	Name: _mystique_session Value: aEs5bGRtVWFkRGVWTk9mMEJ4RTMwWnVnVEUrcTZNUzAxcFN5VFJMb0xLUGVKOWxHcGsvM2xla1BjaGFXYk1Qc0tOaHZ2ZGFtZkEwWTY4RE5LbVlsdExSZ1hwdzZ2eE1rM1ZBRUhENEw3cnZodThhcEE5MHU2bFVKU3BlMm40QWg1RjA2WStERWdSYllxNEhHc2htSDRRPT0tLXBwS2UwQUJaYStKS29XLzFWNEQ3UEE9PQ%3D%3D--1344647c4623ca4d44840ea2b3679e037936fb03
.nrcc.org/	1970-01-19 12:09:21	Name: _gcl_au Value: 1.1.1111640570.1591185438
.victorypassport.com/	1970-01-19 09:59:45	Name: _gat Value: 1
.nrcc.org/	1970-01-19 09:59:45	Name: _gat Value: 1
.victorypassport.com/	1970-01-20 03:30:57	Name: _ga Value: GA1.2.316026288.1591185438
.nrcc.org/	1970-01-20 03:30:57	Name: _ga Value: GA1.2.2145761429.1591185438

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://contribute.nrcc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1
console-api	log	(Line 1) Message: NMGTM
console-api	log	(Line 1) Message: NM \| Floodlight Global Fire \| gtag init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
c.betrad.com
connect.facebook.net
contribute.nrcc.org
email.dailywire.com
googleads.g.doubleclick.net
s.yimg.com
s3.amazonaws.com
secure.victorypassport.com
sp.analytics.yahoo.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.197
104.244.42.67
151.101.112.157
2.23.35.58
212.82.100.181
216.58.210.2
2600:9000:2190:1400:14:71e7:1f40:93a1
2606:4700::6811:72b4
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::2008
2a00:1450:4001:806::2004
2a00:1450:4001:81b::2002
2a00:1450:4001:81b::200e
2a00:1450:4001:81f::2003
2a00:1450:400c:c00::9b
2a03:2880:f046:f:face:b00c:0:3
2a03:2880:f146:82:face:b00c:0:25de
35.203.178.34
52.216.176.21
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3ddfef72bf68b6192f988b75cba79aeb85eb9981cccdea9a068cf1a4ff7000d0
40d2dae0209b964e6ceb2607faafc02bb3d6efa0d73f47a4ab2a17279f642b91
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
464eb94292358cc9ef4d24d49328fd309d385d9e8d4db79cce80887f85f8dc81
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
5072e60a58e09392f3f0b291e4875d14dbd4848847e30ee4858642b7df606f2d
5b54138a1228bb354b4d200ba40bca6e8bf05c3476b3013daf8fa8162a414582
645d0615c9174f858a401d937a470523afa4f39a6c183e87e1fbdba05e3ae70f
65b31dc4689c6a0db8faf1e0fde54b82d56eb32201a20f2405ea1226e512f354
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
7528705aca97007678ee78c5c684994959710c4b7b8e9ed23e97123f85f40827
77832ebd523990194d2612758cfea71f41cabb30ec24ce447790447a78295e1c
7979dc82a46df78278c921bf54f2d7bd9d008c0db2d58887c59f4bd2cfaf5864
8248dd0ae690448742082605040ac798aba08279129577c6c22a9f1d78e18c22
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
88562e7f47e52a094c36f14d04affd62b2fc67140140a8802fb733b2ba05df88
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
94365f4f713089726db7b1f7a773acdccd88d2913dc9d4f7b7b0348af00807dc
96d33f532112177ede6bf262dcf6d0140dbe29f05a4595d17b0be4743205b5ea
9cf15521852d966402fe6163c6e669ebed0e0938fcbbe7e75b9af1e5cb8eb921
a72dc9639c15c632c43ece0195a3485116a068b90d29fe97dee20953374e4fab
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b7e614b335d3efcc458cd8e028f92401d5d376006a5f3af9a25d10305ebbc3e4
bca7af0b45b6fc6a2064e8e7a34f2041f3e77261e63f0257209bcde6bc40545d
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c37d01822b154eefd053e50637a5954d1e7740db30a3c4ef081d9ec7cc038b2f
cce8f3dc35444e5fec50a45ac5767a963c6907fe6b5e479c1c551776760fc2d2
cd34ee8ae406b1662e7ef53583b899f9ccc52d0920127c4716c6944a68916cd5
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e37b816e9d934bf50fb96a62f378a24248728d02162f21b97cd631f852d5831d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

contribute.nrcc.org Open in urlscan Pro 35.203.178.34 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

100 %HTTPS

58 %IPv6

18 Domains

19 Subdomains

17 IPs

7 Countries

697 kBTransfer

2156 kBSize

12 Cookies

3 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

contribute.nrcc.org Open in urlscan Pro
35.203.178.34 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

100 %
HTTPS

58 %
IPv6

18
Domains

19
Subdomains

17
IPs

7
Countries

697 kB
Transfer

2156 kB
Size

12
Cookies

50 HTTP transactions
0 data transactions