secure.nrsc.org Open in urlscan Pro
2606:4700::6812:a660 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure-web.cisco.com/1soo20vPPIj_zm0-OjCRNcDVEjCkbrHzjaMDVVAZcaALvD5Opx7xRRblsmhtU8co7_7X79Iy-VQsxUGp-T8jVG0IpOGPVmIb...
Effective URL:
https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190...
Submission: On April 30 via manual (April 30th 2019, 11:49:48 pm UTC) from US

Summary HTTP 65 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 4 countries across 24 domains to perform 65 HTTP transactions. The main IP is 2606:4700::6812:a660, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is secure.nrsc.org.
TLS certificate: Issued by Let's Encrypt Authority X3 on March 29th 2019. Valid for: 3 months.

This is the only time secure.nrsc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2620:101:2005... 2620:101:2005:11f0::1001	16417 (IRONPORT-...) (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division)
1 1	52.33.172.146 52.33.172.146	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
14	2606:4700::68... 2606:4700::6812:a660	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	23.45.98.72 23.45.98.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1	2a00:1450:400... 2a00:1450:4001:81d::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
8	2600:9000:204... 2600:9000:2047:2e00:14:71e7:1f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2 - Highwinds Network Group)
2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.120.157 151.101.120.157	54113 (FASTLY) (FASTLY - Fastly)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
1 2	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	2a00:1288:7c:... 2a00:1288:7c:800::4000	43428 (YAHOO-ULS) (YAHOO-ULS)
1	52.222.152.27 52.222.152.27	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	188.125.66.33 188.125.66.33	34010 (YAHOO-IRD) (YAHOO-IRD)
2 4	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.216.178.117 52.216.178.117	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
65	24

1 2620:101:2005:11f0::1001 (United States) 1 redirects

ASN16417 (IRONPORT-SYSTEMS-INC - Cisco Systems Ironport Division, US)

secure-web.cisco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.33.172.146 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-33-172-146.us-west-2.compute.amazonaws.com

paracom.paramountcommunication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6812:a660 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

secure.nrsc.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.45.98.72 (Amsterdam, Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-98-72.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2047:2e00:14:71e7:1f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

secure.victorypassport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.120.157 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:819::2004 (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:7c:800::4000 (United Kingdom)

ASN43428 (YAHOO-ULS, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.152.27 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-152-27.fra53.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.125.66.33 (Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:814::200e (Ireland) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.178.117 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	nrsc.org secure.nrsc.org	244 KB
8	victorypassport.com secure.victorypassport.com	20 KB
6	fontawesome.com use.fontawesome.com	100 KB
5	facebook.com staticxx.facebook.com www.facebook.com	635 B
5	facebook.net connect.facebook.net	162 KB
4	google-analytics.com 2 redirects www.google-analytics.com	35 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	2 KB
3	twitter.com platform.twitter.com analytics.twitter.com	28 KB
3	typekit.net use.typekit.net p.typekit.net	23 KB
2	snapchat.com tr.snapchat.com
2	google.de www.google.de	218 B
2	google.com 1 redirects www.google.com	311 B
2	bing.com bat.bing.com	7 KB
2	googletagmanager.com www.googletagmanager.com	44 KB
1	amazonaws.com s3.amazonaws.com	11 KB
1	yahoo.com sp.analytics.yahoo.com	449 B
1	sc-static.net sc-static.net	5 KB
1	yimg.com s.yimg.com	5 KB
1	t.co t.co	486 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	googleapis.com fonts.googleapis.com	442 B
1	paramountcommunication.com 1 redirects paracom.paramountcommunication.com	709 B
1	cisco.com 1 redirects secure-web.cisco.com	357 B
65	24

	Domain	Requested by
14	secure.nrsc.org	secure.nrsc.org
8	secure.victorypassport.com	secure.nrsc.org secure.victorypassport.com
6	use.fontawesome.com	secure.nrsc.org use.fontawesome.com
5	connect.facebook.net	secure.nrsc.org connect.facebook.net
4	www.google-analytics.com	2 redirects secure.victorypassport.com www.googletagmanager.com
4	www.facebook.com	secure.nrsc.org
2	stats.g.doubleclick.net	1 redirects secure.nrsc.org
2	tr.snapchat.com	www.googletagmanager.com
2	www.google.de	secure.nrsc.org
2	www.google.com	1 redirects secure.nrsc.org
2	bat.bing.com	www.googletagmanager.com secure.nrsc.org
2	www.googletagmanager.com	secure.nrsc.org secure.victorypassport.com
2	platform.twitter.com	secure.nrsc.org platform.twitter.com
2	use.typekit.net	secure.nrsc.org use.typekit.net
1	s3.amazonaws.com	secure.nrsc.org
1	sp.analytics.yahoo.com	s.yimg.com
1	p.typekit.net	secure.nrsc.org
1	sc-static.net	secure.nrsc.org
1	s.yimg.com	secure.nrsc.org
1	staticxx.facebook.com	connect.facebook.net
1	analytics.twitter.com	static.ads-twitter.com
1	t.co	secure.nrsc.org
1	googleads.g.doubleclick.net	www.googleadservices.com
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	fonts.googleapis.com	secure.nrsc.org
1	paracom.paramountcommunication.com	1 redirects
1	secure-web.cisco.com	1 redirects
65	28

This site contains links to these domains. Also see Links.

Domain
www.nrsc.org

Subject Issuer	Validity	Valid
secure.nrsc.org Let's Encrypt Authority X3	`2019-03-29` - `2019-06-27`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2018-07-20` - `2020-01-03`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2018-11-19` - `2019-11-27`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.victorypassport.com Amazon	`2019-02-05` - `2020-03-05`	a year	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2018-09-17` - `2019-11-21`	a year	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
www.googleadservices.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2018-08-16` - `2019-08-21`	a year	crt.sh
www.bing.com Microsoft IT TLS CA 5	`2017-07-20` - `2019-07-10`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-03-07` - `2020-03-07`	a year	crt.sh
www.google.com Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
www.google.de Google Internet Authority G3	`2019-03-26` - `2019-06-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-03-08` - `2019-06-06`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-01-28` - `2020-01-28`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-04-22` - `2019-06-06`	a month	crt.sh
sc-static.net DigiCert SHA2 Secure Server CA	`2019-03-11` - `2021-03-15`	2 years	crt.sh
tr.snapchat.com DigiCert SHA2 Secure Server CA	`2019-02-19` - `2021-02-23`	2 years	crt.sh
*.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2018-11-21` - `2019-05-20`	6 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Frame ID: 2FC77A979E017227CE51209BB6437974
Requests: 60 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fsecure.nrsc.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 3B9731A056F18FCCF1F3D90CB926D665
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
Frame ID: 0686279B283CBEF49F02AE9A6F3A3326
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i
Frame ID: D0F8BB27CA011980F917AAA5BE185E39
Requests: 1 HTTP requests in this frame

Frame: https://secure.victorypassport.com/pages/nrsc/4-match-donation-page-abandon-cart-trump-newt?location=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn&location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j
Frame ID: C34F28A53A5181E7A65F67C1AF6DF9B0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: D0818EE99865D091095526FCB852D287
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure-web.cisco.com/1soo20vPPIj_zm0-OjCRNcDVEjCkbrHzjaMDVVAZcaALvD5Opx7xRRblsmhtU8co7_7X79Iy-VQs... HTTP 302
http://paracom.paramountcommunication.com/ct/51457824:WH3L5QwNT:m:1:2127010580:725BA5D940B281890C488168E7265B24:r HTTP 302
https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-D... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
script /\/wp-includes\//i

Mustache (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Mustache$/i

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Vue$/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /cloudflare/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Hammer.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Hammer$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Twitter Emoji (Twemoji) (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

env /^twemoji$/i

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

env /^Typekit$/i

YUI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^YAHOO$/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js/i
env /^jQuery$/i

Page Statistics

65
Requests

100 %
HTTPS

58 %
IPv6

24
Domains

28
Subdomains

24
IPs

4
Countries

699 kB
Transfer

1958 kB
Size

22
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.nrsc.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure-web.cisco.com/1soo20vPPIj_zm0-OjCRNcDVEjCkbrHzjaMDVVAZcaALvD5Opx7xRRblsmhtU8co7_7X79Iy-VQsxUGp-T8jVG0IpOGPVmIbPDSD9c9a9_glwp7NIFT1wrdLrmHxaxx7mfbx5c5gRwtxYwVbq-UeEZE7YoFhhm-hkqd09VYJH7aT9S-UwZSQtydxv_87m2A4ubHiXpfyN5HEUhoboPW2tiwKUCS0SchvSjxNyGfNQ_jy_jHF-Y70M94cDG0pNDB7H2AkLhYNu_lcOMiZexZn0Rb1p2YWBv7A4eAQn1C4meyTtdSQCms0T3G4hiMySNYZGsbtC377KNWhshxJkH_BcSbDAe_bTQ01yc9Dfa9UgwMh6BiMzxUkCS2xBHMFlwa6iYC8G2NcYhNBxbPybxTDzkiE2x4xMXjq8h7qkhuiI-nHG9nwLxAXwb_0rsdVRFjdkCOVdLzx5G5pNfnIUs9zh9QeKRuiAXQWbRVghv5ngTL5DdayAdO3-WOvQa4M0XofRAJfpTD2FsywGsCKp5pvzI5wN-GtQoq_EuL3lVauLWXs/http%3A%2F%2Fparacom.paramountcommunication.com%2Fct%2F51457824%3AWH3L5QwNT%3Am%3A1%3A2127010580%3A725BA5D940B281890C488168E7265B24%3Ar HTTP 302
http://paracom.paramountcommunication.com/ct/51457824:WH3L5QwNT:m:1:2127010580:725BA5D940B281890C488168E7265B24:r HTTP 302
https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1013563831&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&ul=en-us&de=UTF-8&dt=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1547480529&gjid=770129819&cid=1628468702.1556668172&tid=UA-23419263-1&_gid=115676160.1556668172&_r=1&z=1378702112 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_gid=115676160.1556668172&gjid=770129819&_v=j73&z=1378702112 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_v=j73&z=1378702112 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_v=j73&z=1378702112&slf_rd=1&random=3480466313

Request Chain 60

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1013563831&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&ul=en-us&de=UTF-8&dt=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=401225296&gjid=1480604957&cid=1628468702.1556668172&tid=UA-23419263-11&_gid=115676160.1556668172&_r=1&gtm=2wg4305WDLTFM&z=681887134 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=1628468702.1556668172&jid=401225296&_gid=115676160.1556668172&gjid=1480604957&_v=j73&z=681887134

65 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.nrsc.org/donation_page/4x-match-actn/
Redirect Chain

http://secure-web.cisco.com/1soo20vPPIj_zm0-OjCRNcDVEjCkbrHzjaMDVVAZcaALvD5Opx7xRRblsmhtU8co7_7X79Iy-VQsxUGp-T8jVG0IpOGPVmIbPDSD9c9a9_glwp7NIFT1wrdLrmHxaxx7mfbx5c5gRwtxYwVbq-UeEZE7YoFhhm-hkqd09VYJH...
http://paracom.paramountcommunication.com/ct/51457824:WH3L5QwNT:m:1:2127010580:725BA5D940B281890C488168E7265B24:r
https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&actio...

14 KB
6 KB

1018ms
955ms

Document
text/html

2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: be0b17a158ed2d78d10dc3a5d6dd8d11937df643a5b707245b347a8c1cd1c854

Request headers

:method: GET
:authority: secure.nrsc.org
:scheme: https
:path: /donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
date: Tue, 30 Apr 2019 23:49:30 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d7b4853f6b8d8e979c0b27cb044fa15a01556668169; expires=Wed, 29-Apr-20 23:49:29 GMT; path=/; domain=.secure.nrsc.org; HttpOnly
link: <https://www.nrsc.org/?p=5585>; rel=shortlink
vary: Accept-Encoding
wpe-backend: apache
x-type: nocachearg
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 4cfd699a8c9e97d8-FRA
content-encoding: gzip

Redirect headers

Date: Tue, 30 Apr 2019 23:49:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 284
Connection: keep-alive
Set-Cookie: AWSALB=M+qeyJyvxR5jpWtQb28COTlYjEpCAxMyLJVZwCicCqUbNuD2jD0pM4u4jnry2002lsPs2czWaCEl3XAeVGelfJOXDagF78HejP33KCEcPoBtbsQNqXE/uP2VWlrb; Expires=Tue, 07 May 2019 23:49:29 GMT; Path=/
Server: Apache
Vary: X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver: 1.4.0.0
Cache-Control: no-cache
Pragma: no-cache
Location: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Content-Encoding: gzip

GET
H2 200 nnp5tpv.js Show response
use.typekit.net/ 18 KB
7 KB 228ms
148ms Script
text/javascript 23.45.98.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/nnp5tpv.js

Requested by

Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.45.98.72 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),

Reverse DNS

a23-45-98-72.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ef9d0497a286a15b37eff90b7477bc7901b486a9cdc12feedd83d322f9fd2a4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
access-control-allow-origin: *
date: Tue, 30 Apr 2019 23:49:30 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
status: 200
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
content-length: 7380

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 93 KB
28 KB 63ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4184) /
Resource Hash: 460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Tue, 30 Apr 2019 23:49:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Mar 2019 17:40:21 GMT
Server: ECS (fcn/4184)
Etag: "4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28028

GET
H2 200 style.min.css
secure.nrsc.org/wp-includes/css/dist/block-library/ 25 KB
5 KB 473ms
469ms Stylesheet
text/css 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-includes/css/dist/block-library/style.min.css?ver=5.1.1
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-629a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0880b97d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
442 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:81d::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Volkhov:400,400i,700

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81d::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

c2ca207a811f05e69402560cbed35e318ad152207086c01cccf78bacf3cf8178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Tue, 30 Apr 2019 23:49:30 GMT
server: ESF
access-control-allow-origin: *
date: Tue, 30 Apr 2019 23:49:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Tue, 30 Apr 2019 23:49:30 GMT

GET
H2 200 jigsaw.css
secure.victorypassport.com/styles/ 789 B
908 B 523ms
382ms Stylesheet
text/css 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/styles/jigsaw.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 406
x-xss-protection: 1; mode=block
x-request-id: 04f88379-8d91-40e8-a483-bda3a69664a8
x-runtime: 0.007188
server: nginx/1.15.8 + Phusion Passenger 6.0.2
etag: W/"1d4241902701f5e95c12b5436961a139"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: 2nJbKLhaUcnw8iQtRnmgsPc51ajEI0DV8lPsyK8267don6jAMGNcaA==

GET
H2 200 style.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ 106 KB
25 KB 426ms
422ms Stylesheet
text/css 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1556304769
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f17fef581bbc12f517cdb20b65afb3b7194c83871bbba85d9044857e1d42d2e6

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-1a7ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0880c97d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 9b6261cc3e.js Show response
use.fontawesome.com/ 9 KB
4 KB 51ms
13ms Script
text/javascript 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/9b6261cc3e.js
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d22f87893242016b19d07844de2a7b857faab225a744be22fb5e7aa58b22f65

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2017 19:42:52 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 3EEF63A413C03573
etag: W/"d4bc36675502609b9023481c471314e6"
x-cache: HIT
content-type: text/javascript
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: L79/oVjFYMyTA97h0N25LR2VulmyGe8DxkFbT1PUHA6AYp3e79/FnOAr9ccdDgthmae7SMQLTqs=

GET
H2 200 jquery.js Show response
secure.nrsc.org/wp-includes/js/jquery/ 95 KB
39 KB 424ms
420ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-includes/js/jquery/jquery.js?ver=1.12.4
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-17b9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0880e97d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 jquery-migrate.min.js Show response
secure.nrsc.org/wp-includes/js/jquery/ 10 KB
4 KB 409ms
406ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-2748"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0880f97d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 utilities.css
secure.nrsc.org/wp-content/themes/nrsc/assets/css/ 112 KB
23 KB 447ms
444ms Stylesheet
text/css 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/utilities.css?v=11
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8d69e9d82be43b935b8ac736e26b669517f55e1224b38dab2dc864ef4ae49fe

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-1c1c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0880d97d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 brands.css
use.fontawesome.com/releases/v5.2.0/css/ 637 B
624 B 50ms
13ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/brands.css
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: f450674ffd3894e4d0759e542e92cc6b1d7243b76ce7c0a3fccb62f5f578e6a2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Origin: https://secure.nrsc.org

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:07:00 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"a94b386c635e10efbe80adf7c4198cc3"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 fontawesome.css
use.fontawesome.com/releases/v5.2.0/css/ 44 KB
11 KB 62ms
25ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/fontawesome.css
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 15a4b768dcf0208dc3665c311ba8469dcb3a1b3d75d6a1a3ce553858daa2f51e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Origin: https://secure.nrsc.org

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:57 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"8969f087782a0c46deb8773407768fec"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 jigsaw_initial Show response
secure.victorypassport.com/scripts/ 813 B
1009 B 520ms
379ms Script
text/javascript 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/scripts/jigsaw_initial

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 389
x-xss-protection: 1; mode=block
x-request-id: 52e2ac6f-5b56-4bd0-8b92-0d52b3604544
x-runtime: 0.004740
server: nginx/1.15.8 + Phusion Passenger 6.0.2
etag: W/"9a95a26d3ddf3552a8232e66f655e93c"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: 0xL7QLnohTruLmzegDKq6ahbNFppmTqosY5KXhvtZYmkUtTHcS3obw==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 slidebars.min.js Show response
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 3 KB
1 KB 421ms
419ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/slidebars.min.js
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: afcb1f6c5b300318111c91317309f5cd4e621638628db4aa5beefd622ca8be10

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-d46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0881097d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 backstretch.min.js Show response
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 17 KB
7 KB 399ms
397ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/backstretch.min.js
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85990e35a1bd9710094c42c86b371a1cb549c880a191aa795b1d6ceb43de8618

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-444c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0881197d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 jquery.matchHeight.min.js Show response
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 3 KB
2 KB 432ms
429ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/jquery.matchHeight.min.js
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-d34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0881297d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 scripts.js Show response
secure.nrsc.org/wp-content/themes/nrsc/assets/js/ 234 KB
88 KB 482ms
480ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/js/scripts.js?ver=1556304769
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 065e5913be5a419de48e5d302a94fb699c4ae471ccaabf6dc16692e8880eebb2

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-3a704"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0881497d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 wp-embed.min.js Show response
secure.nrsc.org/wp-includes/js/ 1 KB
840 B 443ms
441ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-includes/js/wp-embed.min.js?ver=5.1.1
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-57b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a0881597d8-FRA
expires: Wed, 01 May 2019 03:49:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 72 KB
23 KB 60ms
60ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

5db4d8d7f761bd5c9a5b1bb80d4254f221c6801506405924b033abe4d4ca41ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 23075
x-xss-protection: 0
expires: Tue, 30 Apr 2019 23:49:30 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 23 KB
9 KB 24ms
22ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e9a20204c0446cf1dbc3d5d121129c719e1db0c69d934c17ea75ec21d98b732e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 8842
x-xss-protection: 0
server: cafe
etag: 8234191296085565200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 30 Apr 2019 23:49:30 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 95ms
22ms Script
application/javascript 151.101.120.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.120.157 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
age: 27708
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-cdg20770-CDG
last-modified: Tue, 23 Jan 2018 19:05:33 GMT
x-timer: S1556668170.477854,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 bat.js Show response
bat.bing.com/ 22 KB
7 KB 145ms
69ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: 06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:29 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 01:08:18 GMT
x-msedge-ref: Ref A: 104ADF930D8A4DB29DF22A3968948BAE Ref B: VIEEDGE0815 Ref C: 2019-04-30T23:49:30Z
access-control-allow-origin: *
etag: "0ed1a6a4bd5d41:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7002

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:81f::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/863113746/?random=1556668170426&cv=9&fst=1556668170426&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg430&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&tiba=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81f::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

9c7bada784f0b416c636897691d41991ab8625fb5c9e8195916b26f782a2f59c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
486 B 202ms
139ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o09rg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 112
pragma: no-cache
last-modified: Tue, 30 Apr 2019 23:49:30 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 1e1365c5fce1653c40268dbd0d9808dc
x-transaction: 007e9197004a07ec
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/863113746/ 42 B
109 B 23ms
22ms Image
image/gif 2a00:1450:4001:819::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/863113746/?random=1556668170426&cv=9&fst=1556665200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg430&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&tiba=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&async=1&fmt=3&cdct=2&is_vtc=1&random=2275692527&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Apr 2019 23:49:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/863113746/ 42 B
109 B 22ms
22ms Image
image/gif 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/863113746/?random=1556668170426&cv=9&fst=1556665200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg430&sendb=1&frm=0&url=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&tiba=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&async=1&fmt=3&cdct=2&is_vtc=1&random=2275692527&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Apr 2019 23:49:30 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wp-emoji-release.min.js Show response
secure.nrsc.org/wp-includes/js/ 12 KB
5 KB 454ms
454ms Script
application/x-javascript 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-includes/js/wp-emoji-release.min.js?ver=5.1.1
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
access-control-allow-origin: *
etag: W/"5cc35381-2f02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4cfd69a2593597d8-FRA
expires: Wed, 01 May 2019 03:49:31 GMT

GET
H2 200 9b6261cc3e.css
use.fontawesome.com/ 1 KB
685 B 13ms
13ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/9b6261cc3e.css
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b6261cc3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: c1aaebd3e292905247afcee12242ae79f65b1612353455ae144367fa4868e60e

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
last-modified: Tue, 11 Jul 2017 19:42:52 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 47B12FF501AAE36B
etag: W/"2c5662df2ff38a6af4baa5275eac507d"
x-cache: HIT
content-type: text/css
status: 200
cache-control: max-age=0, private, must-revalidate
x-amz-id-2: m9JK/Q35kmWaZhpjf/PG1MeB1RKdzJ/XXd5fL4uOs+DknEM/Ydx1Mi3uAg/b2FmXn4U+YSlwC9w=

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

1d5c13012f718a83fa61d5158763e125efd3e6581efd2e4b5e436d09e8281e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MNU6n9Qm27cL9TD2a4bdhg==
status: 200
date: Tue, 30 Apr 2019 23:49:30 GMT
vary: Accept-Encoding
content-length: 1779
x-fb-debug: /DIPqivmBRK0XP/epuFJD187xSLfOnYVqa3XNS/oNsaGV3ZmrSVw6RlZumpm/qDsP2lXfhFOwsgYqr1B0NgxHQ==
x-fb-content-md5: 361560d2147388cd9fce3fb35bb06f7f
etag: "acbd36b5316b8b60fec294da9b9291b5"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 May 2019 00:08:37 GMT

GET
H2 204 0
bat.bing.com/action/ 0
147 B 79ms
79ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5576699&Ver=2&mid=ad2f442e-76d8-0134-df91-7404e659848d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&p=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&r=&evt=pageLoad&msclkid=N&rn=683894
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Tue, 30 Apr 2019 23:49:29 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B468F207A2394B179A92123132702ECF Ref B: VIEEDGE0815 Ref C: 2019-04-30T23:49:30Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 font-awesome-css.min.css
use.fontawesome.com/releases/v4.7.0/css/ 30 KB
8 KB 15ms
15ms Stylesheet
text/css 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
content-encoding: gzip
last-modified: Tue, 25 Oct 2016 17:21:58 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: W/"36082410df2ef7f83932219089dc1443"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 cerabasic-regular-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ 20 KB
20 KB 413ms
412ms Font
application/x-font-woff 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/cerabasic-regular-webfont.woff2
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5517e384dacbf9151599383c4965af3f19562148376757092affd1986bab5eb0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1556304769
Origin: https://secure.nrsc.org

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:31 GMT
cf-cache-status: REVALIDATED
status: 200
content-length: 20596
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
etag: "5cc35381-5074"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4cfd69a40a0097d8-FRA
expires: Wed, 01 May 2019 03:49:31 GMT

GET
H2 200 jigsaw.css
secure.victorypassport.com/styles/ 789 B
911 B 374ms
371ms Stylesheet
text/css 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/styles/jigsaw.css?location_url=https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 406
x-xss-protection: 1; mode=block
x-request-id: 939669f9-68cb-43cd-bb11-75546bc50bc9
x-runtime: 0.006951
server: nginx/1.15.8 + Phusion Passenger 6.0.2
etag: W/"1d4241902701f5e95c12b5436961a139"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: Dt2JTBosZl8yqCZJfsxE9HKX7iNnjW3ZUqzocZBCtNBoOhtddXuAeQ==

GET
H2 200 jigsaw Show response
secure.victorypassport.com/scripts/ 2 KB
2 KB 378ms
375ms Script
text/javascript 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

43e1b6f71f90c9cb6f827a43acfaf0d278e00c61acf9c84db508e7be356c4e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1035
x-xss-protection: 1; mode=block
x-request-id: b950419b-d498-4545-b662-fa01f0ea3171
x-runtime: 0.010130
server: nginx/1.15.8 + Phusion Passenger 6.0.2
etag: W/"dd1c14344be74e3b982b0fe6e3c33055"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: YrdD2HdU3xZVuKPA47sThdIlvVUW_DK6izOZGPmSh3wiYUPajznxMA==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 cerabasic-bold-webfont.woff2
secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/ 20 KB
20 KB 473ms
472ms Font
application/x-font-woff 2606:4700::6812:a660
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.nrsc.org/wp-content/themes/nrsc/assets/fonts/cera/cerabasic-bold-webfont.woff2
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700::6812:a660 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd718c89edd9bd10538e733e1f63a9a27b6cc40cb05347a93321cb9a64f62b03

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/wp-content/themes/nrsc/assets/css/style.css?ver=1556304769
Origin: https://secure.nrsc.org

Response headers

x-type: static/known
date: Tue, 30 Apr 2019 23:49:31 GMT
cf-cache-status: REVALIDATED
status: 200
content-length: 20364
last-modified: Fri, 26 Apr 2019 18:52:49 GMT
server: cloudflare
etag: "5cc35381-4f8c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-woff
access-control-allow-origin: *
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 4cfd69a40a0597d8-FRA
expires: Wed, 01 May 2019 03:49:31 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 193 KB
58 KB 9ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=78fa6feb558085c250fa1d98ae23bc6d&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

49d8b2f6876e075d82c02eef33733ac887ee794a2970bb3485c87c1e5d18a9cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Origin: https://secure.nrsc.org

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 8MDsW5yjX4bLZ9SQQuJ8YQ==
status: 200
date: Tue, 30 Apr 2019 23:49:30 GMT
vary: Accept-Encoding
content-length: 59027
x-fb-debug: ocSg463eiETqtiGoYTXRIqbGR4e6KEqsRfs4gSzhyO9EBFUFicXzfVtuygHpIC4UIdLzOLgdpd6TYBx4iuVmQA==
x-fb-content-md5: 50399e4da3b59b7440e9c7364ca35733
etag: "2ab0a02809dd7fac715401551fdae362"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Wed, 29 Apr 2020 22:35:10 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
372 B 147ms
147ms Script
application/javascript 104.244.42.67
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o09rg&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 1; mode=block; report=https://twitter.com/i/xss_report
x-response-time: 123
pragma: no-cache
last-modified: Tue, 30 Apr 2019 23:49:31 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c97fa1f3095e03eac76640503d4c4921
x-transaction: 0030b98b0059b9a0
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 l
use.typekit.net/af/2f0e6a/00000000000000003b9b12e6/27/ 15 KB
15 KB 72ms
14ms Font
application/font-woff2 23.45.98.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2f0e6a/00000000000000003b9b12e6/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/nnp5tpv.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.98.72 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9d89f1419c265077c2dcece4c2e223a0a14c1b436086c478a40c2d40e7398511

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Origin: https://secure.nrsc.org

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
server: nginx
access-control-allow-origin: *
etag: "abb08f3b4ac895084e9344a39d3e56f8134dc5b0"
content-type: application/font-woff2
status: 200
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 15580

GET
H/1.1 200
OK widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 3B97 0
0 8ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Fsecure.nrsc.org&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40DF) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 30 Apr 2019 23:49:30 GMT
Etag: "347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified: Thu, 07 Mar 2019 17:39:26 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40DF)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5783

GET
H2 200 fontawesome-webfont.woff2
use.fontawesome.com/releases/v4.7.0/fonts/ 75 KB
76 KB 14ms
14ms Font
application/font-woff2 23.111.9.35
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/9b6261cc3e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://use.fontawesome.com/9b6261cc3e.css
Origin: https://secure.nrsc.org

Response headers

date: Tue, 30 Apr 2019 23:49:30 GMT
last-modified: Mon, 17 Jul 2017 16:24:59 GMT
server: NetDNA-cache/2.2
access-control-allow-origin: *
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/font-woff2
status: 200
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 77160

GET
H2 200 d_vbiawPdxB.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 0686 0
0 7ms
6ms Document
text/html 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/d_vbiawPdxB.js?version=44

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=78fa6feb558085c250fa1d98ae23bc6d&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/d_vbiawPdxB.js?version=44
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Response headers

status: 200
content-type: text/html; charset=utf-8
expires: Sat, 25 Apr 2020 18:20:56 GMT
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: public,max-age=31536000,immutable
x-fb-debug: kQ6SE2ALxJt267ee24rwUM5vhRp3nVOriC9kR9gb0FCd1lNv5dw0zSEkH27v1M613YWzFoUcn+uy98/fVolGGQ==
content-length: 10984
date: Tue, 30 Apr 2019 23:49:30 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 53 KB
15 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
content-length: 15397
x-xss-protection: 0
pragma: public
x-fb-debug: iGUnCPDMlNdgVey5UISHiReMmsq7lmxz/sy4e1YGZC6HmNCm3Fcc2GybhvqdclTJkb5uE6ydDZdp5NFwdnN9Tw==
date: Tue, 30 Apr 2019 23:49:31 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
5 KB 145ms
39ms Script
application/javascript 2a00:1288:7c:800::4000
YAHOO-ULS

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:7c:800::4000 , United Kingdom, ASN43428 (YAHOO-ULS, GB),

Reverse DNS

Software

ATS /

Resource Hash

bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Accept-Encoding
content-length: 4111
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 18 Oct 2018 11:16:12 GMT
server: ATS
x-frame-options: DENY
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
public-key-pins-report-only: max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
accept-ranges: bytes

GET
H2 200 scevent.min.js Show response
sc-static.net/ 13 KB
5 KB 69ms
15ms Script
application/javascript 52.222.152.27
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.152.27 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-152-27.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00d10b016aeb11da784415b45652f2cb43e012989a37313edfcb4fec3a4de8cd

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 02:42:00 GMT
content-encoding: gzip
last-modified: Sat, 27 Apr 2019 02:41:53 GMT
server: AmazonS3
age: 76054
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-id: Ta29rP8VytgpOh0JO-o62ya2Mm3vey2ajrHAILUUllz9PZgTKy5s3A==
via: 1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)

GET
H2 200 p.gif
p.typekit.net/ 35 B
201 B 35ms
14ms Image
image/gif 23.45.98.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=nnp5tpv&ht=tk&h=secure.nrsc.org&f=13407&a=7616506&js=1.19.2&app=typekit&e=js&_=1556668171003
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.98.72 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-45-98-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
last-modified: Mon, 04 Feb 2019 20:13:09 GMT
server: nginx
access-control-allow-origin: *
etag: "5c589cd5-23"
content-type: image/gif
status: 200
cache-control: max-age=604800
accept-ranges: bytes
content-length: 35
expires: Sun, 17 Feb 2019 08:57:03 GMT

GET
H2 200 1877534775869068 Show response
connect.facebook.net/signals/config/ 174 KB
42 KB 51ms
51ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1877534775869068?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

c85f35ad7c45cf5aa3e139ee0ccc64775155beb20202937992981323ab5fbb3e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: 7lv3ip4xBY5IzLz8sG61dfwVWLVcljWfORE2wlpsV/TLke75VOeFB1z5EfK/Fap0Dyh/77LCHsXel4l5D8kGVQ==
date: Tue, 30 Apr 2019 23:49:31 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 i
tr.snapchat.com/cm/ Frame D0F8 0
0 165ms
119ms Document
text/html 35.186.226.184
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: tr.snapchat.com
:scheme: https
:path: /cm/i?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Response headers

status: 200
server: nginx
date: Tue, 30 Apr 2019 23:49:31 GMT
content-type: text/html
content-length: 0
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: clear

GET
H2 200 /
www.facebook.com/tr/ 44 B
246 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1877534775869068&ev=PageView&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1556668171098&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1556668171097.963684257&it=1556668171014&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 30 Apr 2019 23:49:31 GMT

GET
H2 200 sp.pl Show response
sp.analytics.yahoo.com/ 0
449 B 139ms
41ms Script
application/x-javascript 188.125.66.33
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&jsonp=YAHOO.ywa.I13N.handleJSONResponse&d=Tue%2C%2030%20Apr%202019%2023%3A49%3A31%20GMT&n=0&b=Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC&.yp=10060016&f=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&enc=UTF-8

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

188.125.66.33 , Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
via: http/1.1 spdc0011.pbp.ir2.yahoo.com (ApacheTrafficServer)
x-content-type-options: nosniff
age: 0
status: 200
strict-transport-security: max-age=31536000
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: application/x-javascript
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
expires: Tue, 30 Apr 2019 23:49:31 GMT

GET
H2 200 4-match-donation-page-abandon-cart-trump-newt
secure.victorypassport.com/pages/nrsc/ Frame C34F 0
0 397ms
397ms Document
text/html 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.victorypassport.com/pages/nrsc/4-match-donation-page-abandon-cart-trump-newt?location=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn&location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.victorypassport.com
:scheme: https
:path: /pages/nrsc/4-match-donation-page-abandon-cart-trump-newt?location=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn&location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Response headers

status: 200 200 OK
content-type: text/html; charset=utf-8
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
date: Tue, 30 Apr 2019 23:49:31 GMT
etag: W/"e8c4060cf3c5806d7575a821e35e8bf2"
server: nginx/1.15.8 + Phusion Passenger 6.0.2
set-cookie: _mystique_session=ZXJ4Y011WE91ZzBuRFY4b1dOM1krdERGTlRGbDI0bzM3VlJtY0xCaElOeitqODFLRWJtRUlYZU5zeWRTUDcrelRoL0JPN0p2SlAvcWlyZWcvbnN4b1RaNDk1SERLV1BrcW85Wm9lZERDT3c4Nm92VjN6T1NxNjY3MTYrZWJnZ0U0UDY4bDVGSGJVRTVFWjZGRGFCY3R3PT0tLW1DTzB3VlVDSUJxRnV5NEhXNXo3T0E9PQ%3D%3D--57528814aac161093823362b79b6b5fa948528ce; path=/; expires=Thu, 30 Apr 2020 05:49:31 -0000; secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-request-id: c7dd9232-db77-41ba-bc5f-9ac3e486d592
x-runtime: 0.030757
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
x-amz-cf-id: p7g3UkLUZ0F1kDisjiroFkkMDc2PyJfUVCduTpz4MS4OmrH0HxWu_Q==

GET
H2 200 application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
secure.victorypassport.com/assets/jackal/ 20 KB
5 KB 372ms
371ms Stylesheet
text/css 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Requested by: Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
last-modified: Mon, 01 Oct 2018 19:54:05 GMT
server: nginx/1.15.8
x-cache: Miss from cloudfront
content-type: text/css
status: 200
cache-control: max-age=315360000, public
content-length: 4419
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
x-amz-cf-id: yy4uY8ySEzCQWsvc9GDrWZEGcgVNhVBxK-bDViwCzqgev36fPCveVg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js Show response
secure.victorypassport.com/assets/jackal/ 42 KB
10 KB 384ms
383ms Script
application/x-javascript 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Requested by: Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9zZWN1cmUubnJzYy5vcmcvZG9uYXRpb25fcGFnZS80eC1tYXRjaC1hY3RuLz9yZWN1cnJpbmc9dHJ1ZSZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9SkQtREwmdXRtX2NhbXBhaWduPTIwMTkwNDMwX0pELURMX05ld3RHaW5ncmljaCZ1dG1fY29udGVudD0yMDE5MDQzMF9OZXd0NHhNYXRjaF9ib2R5X3R4dF9jYW5fd2UmYWN0aW9uPWVtYWlsX2NsaWNrJmhhMT0j
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
content-encoding: gzip
last-modified: Tue, 08 Jan 2019 03:09:01 GMT
server: nginx/1.15.8
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=315360000, public
content-length: 9742
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
x-amz-cf-id: hHk8eQHli19nNXZnDorpjGHjd6ok0KdJ6qI52FZxl08Lf46qO-S-Zg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1877534775869068&ev=Microdata&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1556668171601&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Defend%20President%20Trump%27s%20Majority!%22%2C%22og%3Adescription%22%3A%22You%20have%20an%20exciting%20opportunity%20to%20make%20a%20HUGE%20impact!%20Donate%20today%20to%20have%20your%20donation%20quadruple%20matched!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%22%2C%22og%3Asite_name%22%3A%22NRSC%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fnrsc%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fwp-content%2Fuploads%2F2018%2F07%2FQUAD-match-Newt-1.jpg%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fwp-content%2Fuploads%2F2018%2F07%2FQUAD-match-Newt-1.jpg%22%7D&cd[Meta]=%7B%22title%22%3A%22Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1556668171097.963684257&it=1556668171014&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:31 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 30 Apr 2019 23:49:31 GMT

GET
H2 200 circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
secure.victorypassport.com/assets/ 444 B
796 B 9ms
8ms Image
image/jpeg 2600:9000:2047:2e00:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.victorypassport.com/assets/circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2047:2e00:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c

Request headers

Referer: https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sun, 28 Apr 2019 02:12:35 GMT
via: 1.1 59c171b9abb6b3c58e72495c539dfa68.cloudfront.net (CloudFront)
last-modified: Mon, 01 Oct 2018 19:53:09 GMT
server: nginx/1.15.8
age: 250616
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 444
x-amz-cf-id: OojMZF588PjezNidrneXeRkhxJwF1Ou8tUFHjV55DgiQ-wBJYKeP_A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 84 KB
21 KB 66ms
59ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WDLTFM

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

7da90d67686dba6a1197d09082fec48c7230f0537b00e557160cf597cfbbe16c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:32 GMT
content-encoding: br
last-modified: Mon, 29 Apr 2019 23:09:37 GMT
server: Google Tag Manager (scaffolding)
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21642
x-xss-protection: 0
expires: Tue, 30 Apr 2019 23:49:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1025
date: Tue, 30 Apr 2019 23:32:27 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 01 May 2019 01:32:27 GMT

GET
H/1.1 200
OK VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ 11 KB
11 KB 441ms
136ms Font
application/octet-stream 52.216.178.117
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.victorypassport.com/fonts/VictoryPassport.ttf
Requested by: Host: secure.nrsc.org
URL: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.178.117 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Origin: https://secure.nrsc.org

Response headers

Date: Tue, 30 Apr 2019 23:49:33 GMT
Last-Modified: Wed, 01 Jul 2015 02:35:45 GMT
Server: AmazonS3
x-amz-request-id: 8D24850C006C99D5
ETag: "7d80bd6dc0d2e81dc2274a2b29799949"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 10804
x-amz-id-2: k4Y0zwcEacxzXoc6I4O0cx8nfE11pYmmg7+nO3JZk7TOiinsLyCNAvyU0CmnmBUILBQAj2+l11Y=

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1013563831&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_gid=115676160.1556668172&gjid=770129819&_v=j73&z=1378702112
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_v=j73&z=1378702112
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_v=j73&z=1378702112&slf_rd=1&random=3480466313

42 B
109 B

26ms
25ms

Image
image/gif

2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_v=j73&z=1378702112&slf_rd=1&random=3480466313

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 30 Apr 2019 23:49:32 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Apr 2019 23:49:32 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-23419263-1&cid=1628468702.1556668172&jid=1547480529&_v=j73&z=1378702112&slf_rd=1&random=3480466313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5WDLTFM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1025
date: Tue, 30 Apr 2019 23:32:27 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 17543
expires: Wed, 01 May 2019 01:32:27 GMT

GET
H2 200 528927697229967 Show response
connect.facebook.net/signals/config/ 174 KB
45 KB 70ms
67ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/528927697229967?v=2.8.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

067e9ad73aaff00675682a9734c4d1a663837ab00fd4ed2f6cbfda20ba8bdecb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
vary: Origin, Accept-Encoding
x-xss-protection: 0
pragma: public
x-fb-debug: adZgmLG8qIzkct6TgVixMdk/s2Wc4AP+3H+JPxvUQ3KK9tGjLOPpVVmRThAN1B7x5UJWnCb00mVsMROoV26l5Q==
date: Tue, 30 Apr 2019 23:49:32 GMT
x-frame-options: DENY
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1013563831&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=1628468702.1556668172&jid=401225296&_gid=115676160.1556668172&gjid=1480604957&_v=j73&z=681887134

35 B
102 B

16ms
15ms

Image
image/gif

2a00:1450:400c:c00::9d
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=1628468702.1556668172&jid=401225296&_gid=115676160.1556668172&gjid=1480604957&_v=j73&z=681887134

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Tue, 30 Apr 2019 23:49:32 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 30 Apr 2019 23:49:32 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-23419263-11&cid=1628468702.1556668172&jid=401225296&_gid=115676160.1556668172&gjid=1480604957&_v=j73&z=681887134
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,44,43,39"
content-length: 418
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528927697229967&ev=PageView&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1556668172608&sw=1600&sh=1200&v=2.8.47&r=stable&ec=0&o=30&fbp=fb.1.1556668171097.963684257&it=1556668171014&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:32 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 30 Apr 2019 23:49:32 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=528927697229967&ev=Microdata&dl=https%3A%2F%2Fsecure.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%3Frecurring%3Dtrue%26utm_medium%3Demail%26utm_source%3DJD-DL%26utm_campaign%3D20190430_JD-DL_NewtGingrich%26utm_content%3D20190430_Newt4xMatch_body_txt_can_we%26action%3Demail_click%26ha1%3D&rl=&if=false&ts=1556668173109&cd[Schema.org]=%5B%5D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Atitle%22%3A%22Defend%20President%20Trump%27s%20Majority!%22%2C%22og%3Adescription%22%3A%22You%20have%20an%20exciting%20opportunity%20to%20make%20a%20HUGE%20impact!%20Donate%20today%20to%20have%20your%20donation%20quadruple%20matched!%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fdonation_page%2F4x-match-actn%2F%22%2C%22og%3Asite_name%22%3A%22NRSC%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2Fnrsc%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fwp-content%2Fuploads%2F2018%2F07%2FQUAD-match-Newt-1.jpg%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fwww.nrsc.org%2Fwp-content%2Fuploads%2F2018%2F07%2FQUAD-match-Newt-1.jpg%22%7D&cd[Meta]=%7B%22title%22%3A%22Defend%20President%20Trump%E2%80%99s%20Majority!%20%7C%20NRSC%22%7D&cd[DataLayer]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.8.47&r=stable&ec=1&o=30&fbp=fb.1.1556668171097.963684257&it=1556668171014&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 30 Apr 2019 23:49:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 30 Apr 2019 23:49:33 GMT

POST
H2 200 p
tr.snapchat.com/ Frame D081 0
0 134ms
133ms Document
text/html 35.186.226.184
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52RXXMH

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: tr.snapchat.com
:scheme: https
:path: /p
content-length: 533
pragma: no-cache
cache-control: no-cache
origin: https://secure.nrsc.org
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=
accept-encoding: gzip, deflate, br
Origin: https://secure.nrsc.org
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.nrsc.org/donation_page/4x-match-actn/?recurring=true&utm_medium=email&utm_source=JD-DL&utm_campaign=20190430_JD-DL_NewtGingrich&utm_content=20190430_Newt4xMatch_body_txt_can_we&action=email_click&ha1=

Response headers

status: 200
server: nginx
date: Tue, 30 Apr 2019 23:49:33 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
set-cookie: sc_at=v2|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIJNKK4/TlnYLhvaPglGAROSx2bfvWf0yJebJwVbfbAZLpa/Z4R+eEsjIAAAA=;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 google
alt-svc: clear

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.victorypassport.com/	1970-01-19 00:24:28	Name: _gat_UA-10463545-10 Value: 1
.victorypassport.com/	1970-01-19 00:24:28	Name: _gat Value: 1
m.stripe.network/	1969-12-31 23:59:59	Name: nsr Value: 1
.victorypassport.com/	1970-01-19 00:25:54	Name: _gid Value: GA1.2.1982600457.1556668172
.victorypassport.com/	1970-01-19 17:55:40	Name: _ga Value: GA1.2.388627220.1556668172
.secure.victorypassport.com/	1970-01-19 00:24:29	Name: __stripe_sid Value: d123a6b5-4be3-467b-90d6-110d5830960e
.secure.victorypassport.com/	1970-01-19 09:10:04	Name: __stripe_mid Value: d1f0410e-3cd7-4c76-9c06-6a8fdc29ada3
secure.victorypassport.com/	1970-01-19 09:10:25	Name: _mystique_session Value: ZXJ4Y011WE91ZzBuRFY4b1dOM1krdERGTlRGbDI0bzM3VlJtY0xCaElOeitqODFLRWJtRUlYZU5zeWRTUDcrelRoL0JPN0p2SlAvcWlyZWcvbnN4b1RaNDk1SERLV1BrcW85Wm9lZERDT3c4Nm92VjN6T1NxNjY3MTYrZWJnZ0U0UDY4bDVGSGJVRTVFWjZGRGFCY3R3PT0tLW1DTzB3VlVDSUJxRnV5NEhXNXo3T0E9PQ%3D%3D--57528814aac161093823362b79b6b5fa948528ce
.facebook.com/	1970-01-19 02:34:04	Name: fr Value: 0XQoBwlmcYZIg61sQ..BcyN8L...1.0.BcyN8L.
.twitter.com/	1970-01-19 17:55:40	Name: personalization_id Value: "v1_X1WVoyHm8NzGr7j0OJtvng=="
.secure.nrsc.org/	1970-01-19 00:25:54	Name: _gid Value: GA1.3.115676160.1556668172
.snapchat.com/	1970-01-19 09:46:04	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBgQ0AIQgDwIlIJNKK4/TlnYLhvaPglGAROSx2bfvWf0yJebJwVbfbAZLpa/Z4R+eEsjIAAAA=
secure.nrsc.org/	1970-01-19 09:54:14	Name: _scid Value: f95bcf00-3f57-45ed-90f2-bb704a1e610b
.secure.nrsc.org/	1970-01-19 00:24:28	Name: _gat_UA-23419263-11 Value: 1
.victorypassport.com/	1970-01-19 02:34:04	Name: _fbp Value: fb.1.1556668172607.317917317
.secure.nrsc.org/	1970-01-19 17:55:40	Name: _ga Value: GA1.3.1628468702.1556668172
.victorypassport.com/	1970-01-19 00:24:28	Name: _dc_gtm_UA-10463545-9 Value: 1
.nrsc.org/	1970-01-19 00:25:54	Name: _gid Value: GA1.2.115676160.1556668172
.nrsc.org/	1970-01-19 17:55:40	Name: _ga Value: GA1.2.1628468702.1556668172
.secure.nrsc.org/	1970-01-19 09:10:04	Name: __cfduid Value: d7b4853f6b8d8e979c0b27cb044fa15a01556668169
.nrsc.org/	1970-01-19 00:24:28	Name: _gat Value: 1
.nrsc.org/	1970-01-19 02:34:04	Name: _fbp Value: fb.1.1556668171097.963684257

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.nrsc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bat.bing.com
connect.facebook.net
fonts.googleapis.com
googleads.g.doubleclick.net
p.typekit.net
paracom.paramountcommunication.com
platform.twitter.com
s.yimg.com
s3.amazonaws.com
sc-static.net
secure-web.cisco.com
secure.nrsc.org
secure.victorypassport.com
sp.analytics.yahoo.com
static.ads-twitter.com
staticxx.facebook.com
stats.g.doubleclick.net
t.co
tr.snapchat.com
use.fontawesome.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.67
104.244.42.69
151.101.120.157
188.125.66.33
216.58.208.34
23.111.9.35
23.45.98.72
2600:9000:2047:2e00:14:71e7:1f40:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:a660
2620:101:2005:11f0::1001
2620:1ec:c11::200
2a00:1288:7c:800::4000
2a00:1450:4001:814::200e
2a00:1450:4001:819::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2008
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.186.226.184
52.216.178.117
52.222.152.27
52.33.172.146
00d10b016aeb11da784415b45652f2cb43e012989a37313edfcb4fec3a4de8cd
065e5913be5a419de48e5d302a94fb699c4ae471ccaabf6dc16692e8880eebb2
06768ff08a78f24b60973b047561141c4413864fa2d3ac9292fb0b217a81f917
067e9ad73aaff00675682a9734c4d1a663837ab00fd4ed2f6cbfda20ba8bdecb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15a4b768dcf0208dc3665c311ba8469dcb3a1b3d75d6a1a3ce553858daa2f51e
1d5c13012f718a83fa61d5158763e125efd3e6581efd2e4b5e436d09e8281e99
2152557cac69e2bd7d6debef5037a9f554f9209cc305b8141b3329acb10c42b7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
43e1b6f71f90c9cb6f827a43acfaf0d278e00c61acf9c84db508e7be356c4e19
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49d8b2f6876e075d82c02eef33733ac887ee794a2970bb3485c87c1e5d18a9cc
4d22f87893242016b19d07844de2a7b857faab225a744be22fb5e7aa58b22f65
5517e384dacbf9151599383c4965af3f19562148376757092affd1986bab5eb0
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350
5db4d8d7f761bd5c9a5b1bb80d4254f221c6801506405924b033abe4d4ca41ed
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
7da90d67686dba6a1197d09082fec48c7230f0537b00e557160cf597cfbbe16c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
85990e35a1bd9710094c42c86b371a1cb549c880a191aa795b1d6ceb43de8618
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c7bada784f0b416c636897691d41991ab8625fb5c9e8195916b26f782a2f59c
9d89f1419c265077c2dcece4c2e223a0a14c1b436086c478a40c2d40e7398511
a72261a5191d1485620242b7d3b735501757aef23dedc6d27c84919af838e756
a8d69e9d82be43b935b8ac736e26b669517f55e1224b38dab2dc864ef4ae49fe
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
afcb1f6c5b300318111c91317309f5cd4e621638628db4aa5beefd622ca8be10
bd718c89edd9bd10538e733e1f63a9a27b6cc40cb05347a93321cb9a64f62b03
bd999047408eaf20ae15ab916d344330d118fa72b0703fa1784deb648d36bb7a
be0b17a158ed2d78d10dc3a5d6dd8d11937df643a5b707245b347a8c1cd1c854
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c1aaebd3e292905247afcee12242ae79f65b1612353455ae144367fa4868e60e
c2ca207a811f05e69402560cbed35e318ad152207086c01cccf78bacf3cf8178
c533b791a8eef65604f15d20433506e1614c693eeba9df749e8a7677e43b466c
c85f35ad7c45cf5aa3e139ee0ccc64775155beb20202937992981323ab5fbb3e
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
e9a20204c0446cf1dbc3d5d121129c719e1db0c69d934c17ea75ec21d98b732e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9d0497a286a15b37eff90b7477bc7901b486a9cdc12feedd83d322f9fd2a4d
f17fef581bbc12f517cdb20b65afb3b7194c83871bbba85d9044857e1d42d2e6
f450674ffd3894e4d0759e542e92cc6b1d7243b76ce7c0a3fccb62f5f578e6a2
fa055f2f7c5b735dbbb71954f434aed79925bc00ff2ffbc3ecfc4a790689a723
fa59b1ed1b011e084474ad818b5f6986d84fc678e2f37fee9330eb52d86860b3
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

secure.nrsc.org Open in urlscan Pro 2606:4700::6812:a660 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

58 %IPv6

24 Domains

28 Subdomains

24 IPs

4 Countries

699 kBTransfer

1958 kBSize

22 Cookies

1 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.nrsc.org Open in urlscan Pro
2606:4700::6812:a660 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

58 %
IPv6

24
Domains

28
Subdomains

24
IPs

4
Countries

699 kB
Transfer

1958 kB
Size

22
Cookies

65 HTTP transactions
0 data transactions