wearegreatagain.revv.co Open in urlscan Pro
2606:4700:10::6814:543 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo...
Submission: On May 24 via manual (May 24th 2021, 10:52:30 pm UTC) from US

Summary HTTP 47 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 21 IPs in 4 countries across 14 domains to perform 47 HTTP transactions. The main IP is 2606:4700:10::6814:543, located in United States and belongs to CLOUDFLARENET, US. The main domain is wearegreatagain.revv.co.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on September 11th 2020. Valid for: a year.

This is the only time wearegreatagain.revv.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	2606:4700:10:... 2606:4700:10::6814:543	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	151.101.112.176 151.101.112.176	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	13.224.195.94 13.224.195.94	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	35.155.95.221 35.155.95.221	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f13... 2a03:2880:f130:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
47	21

7 2606:4700:10::6814:543 (United States)

ASN13335 (CLOUDFLARENET, US)

wearegreatagain.revv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.112.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.195.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-94.fra2.r.cloudfront.net

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.155.95.221 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-95-221.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f130:83:face:b00c:0:25de (France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	revv.co wearegreatagain.revv.co	211 KB
6	google-analytics.com www.google-analytics.com	21 KB
5	facebook.com www.facebook.com	516 B
4	googleapis.com maps.googleapis.com	161 KB
4	stripe.com js.stripe.com m.stripe.com	57 KB
3	google.de www.google.de	234 B
3	google.com www.google.com	238 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	1 KB
3	outbrain.com amplify.outbrain.com tr.outbrain.com	4 KB
3	facebook.net connect.facebook.net	169 KB
2	googletagmanager.com www.googletagmanager.com	88 KB
2	cloudfront.net d35ligi1n5bgzc.cloudfront.net	587 KB
1	stripe.network m.stripe.network	12 KB
1	googleadservices.com www.googleadservices.com	14 KB
47	14

	Domain	Requested by
7	wearegreatagain.revv.co	wearegreatagain.revv.co
6	www.google-analytics.com	wearegreatagain.revv.co www.google-analytics.com
5	www.facebook.com	wearegreatagain.revv.co connect.facebook.net
4	maps.googleapis.com	wearegreatagain.revv.co maps.googleapis.com
3	www.google.de	wearegreatagain.revv.co
3	www.google.com	wearegreatagain.revv.co
3	connect.facebook.net	wearegreatagain.revv.co connect.facebook.net
3	js.stripe.com	wearegreatagain.revv.co js.stripe.com
2	tr.outbrain.com	amplify.outbrain.com wearegreatagain.revv.co
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.googletagmanager.com	wearegreatagain.revv.co
2	d35ligi1n5bgzc.cloudfront.net	wearegreatagain.revv.co
1	m.stripe.com	m.stripe.network
1	googleads.g.doubleclick.net	www.googleadservices.com
1	m.stripe.network	js.stripe.com
1	amplify.outbrain.com	wearegreatagain.revv.co
1	www.googleadservices.com	www.googletagmanager.com
47	17

This site contains links to these domains. Also see Links.

Domain
revv.co
www.abc.com
support.revv.co

Subject Issuer	Validity	Valid
*.revv.co DigiCert SHA2 Secure Server CA	`2020-09-11` - `2021-10-13`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-04-14` - `2021-08-04`	4 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-16` - `2021-08-04`	4 months	crt.sh

This page contains 3 frames:

Primary Page: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
Frame ID: 21C2589C1C055999BE76C798FBF543C2
Requests: 43 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
Frame ID: BF1DE44014BB15785ADCFCE5BAAAF863
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FCD99990984569758CDC75518994FD97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

47
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

17
Subdomains

21
IPs

4
Countries

1327 kB
Transfer

3248 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://revv.co/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://revv.co/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: http://www.abc.com/
Title:

Search URL Search Domain Scan URL

URL: https://revv.co/
Title: Powered by

Search URL Search Domain Scan URL

URL: https://support.revv.co/en/
Title: Questions about your charge? Go to our Support Center

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/ 17 KB
7 KB 183ms
154ms Document
text/html 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eecd2d391ab1d4087f14731d93e503fc639fa56076befdcbbbdf51e90388e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: wearegreatagain.revv.co
:scheme: https
:path: /wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:03 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache: Hit from Revv
set-cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; domain=.revv.co; path=/; HttpOnly; Secure; SameSite=None; Secure; Secure __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3; path=/; expires=Mon, 24-May-21 23:22:03 GMT; domain=.revv.co; HttpOnly; Secure; SameSite=None
x-request-id: c73a716f-5762-4078-9fb7-664f226f70d2
x-runtime: 0.018040
x-rack-cors: miss; no-origin
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
cf-request-id: 0a422d150900004e44f2175000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 654a179b3a1b4e44-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 / Show response
js.stripe.com/v3/ 237 KB
56 KB 23ms
7ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: wearegreatagain.revv.co
URL: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7119fd70f6d0d56dfe45d1d70523f07c1484c738e714d60e2f117da5730609d

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:03 GMT
content-encoding: br
vary: Accept-Encoding
age: 245
via: 1.1 varnish
x-cache: HIT
content-length: 56215
x-amz-id-2: 0wqtUaHV6pbYDQEUSYEV5nNmIfR9XFQ9pJBMRFUmAggWsX2qHEi5rblnvXuElcew4E0D9lYQMF8=
x-served-by: cache-hhn4068-HHN
timing-allow-origin: *
last-modified: Fri, 21 May 2021 22:50:36 GMT
server: AmazonS3
etag: "ad1b1b4211b7650cbfc7ca6be4f60286"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: A2SVS9RN0BJ4FKGE
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 95

GET
H3-29 200 landing_page-01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867.css
wearegreatagain.revv.co/assets/ 217 KB
30 KB 165ms
151ms Stylesheet
text/css 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearegreatagain.revv.co/assets/landing_page-01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c46578e19bc4425e5267bd7d49fd0edc3f007b581dcb17895e1cc370182c587

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/landing_page-01713f89f08e255d951153ae482559f9620b7fffc4466e16453b5699e7148867.css
pragma: no-cache
cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: wearegreatagain.revv.co
referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-request-id: 8FP9B9CB76NF717W
cf-polished: origSize=225186
cf-ray: 654a179c59b6dfd7-FRA
last-modified: Tue, 18 May 2021 17:51:49 GMT
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: vgP5Iz3zUePXHDQOU/hJTT3VaJIQobyJDW/iH16pAwspyu2IKEXXleMYqS8hn9ZvbLpvvFV+OmE=
cf-bgj: minify
server: cloudflare
etag: W/"83b9ced6f765bca43c1827ffd55511ad"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: HNeX6JudiKf3_01i3ey6sCZHkMR0rQkb
cache-control: public, max-age=14400
cf-request-id: 0a422d15b70000dfd7ee882000000001
content-type: text/css
expires: Tue, 25 May 2021 02:52:04 GMT

GET
H3-29 200 1619194997.css
wearegreatagain.revv.co/stylesheets/rv_page_01f3zqnyqpnkvwcnm08prz64jt/ 7 KB
2 KB 39ms
26ms Stylesheet
text/css 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearegreatagain.revv.co/stylesheets/rv_page_01f3zqnyqpnkvwcnm08prz64jt/1619194997.css

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0375a9d4c43f533589c96ecfff34f146e5575279b364bed4ca518c168fce7fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:path: /stylesheets/rv_page_01f3zqnyqpnkvwcnm08prz64jt/1619194997.css
pragma: no-cache
cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: wearegreatagain.revv.co
referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Mon, 24 May 2021 22:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 300505
cf-polished: origSize=7431
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 404f27e6-aee5-4b30-b904-25a6e3bbb62a
x-runtime: 0.036464
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31556952
cf-request-id: 0a422d15b90000dfd7ce1ff000000001
cf-ray: 654a179c59afdfd7-FRA
expires: Wed, 25 May 2022 04:41:15 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 135 KB
44 KB 31ms
29ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

df31535425de158e81ba8af5e91eac9efa7acb4273468d0b1543f57ea45ad2ff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:03 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=16
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45024
x-xss-protection: 0
expires: Mon, 24 May 2021 23:22:03 GMT

GET
H3-29 200 application-landing-page-f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916.js Show response
wearegreatagain.revv.co/assets/ 600 KB
160 KB 189ms
176ms Script
application/javascript 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearegreatagain.revv.co/assets/application-landing-page-f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18f9bba277680306e22679356e9881ea31c1349734930a56a60e2d98a459d92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/application-landing-page-f95f80585988bc0e466fcc1f9a6958c69836f33c4b0fccdc7db17d0c4a3da916.js
pragma: no-cache
cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wearegreatagain.revv.co
referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-request-id: 8FPFXSBFJZ1MK7P6
cf-polished: origSize=614979
cf-ray: 654a179c59b3dfd7-FRA
last-modified: Tue, 18 May 2021 17:51:48 GMT
strict-transport-security: max-age=0; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: 11TYWrOhoeHSktIONdigmLK09/JAjDo5fnES2YQ563r0ab89mqo/v7+fXnnF5n+mAEIi9PLlTpE=
cf-bgj: minify
server: cloudflare
etag: W/"b920dbe150ad71a50872c956a1e6e082"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: br7l_G0smrRnSQocT81Ny85boLQz3K8f
cache-control: public, max-age=14400
cf-request-id: 0a422d15ba0000dfd7a19fe000000001
content-type: application/javascript
expires: Tue, 25 May 2021 02:52:04 GMT

GET
H3-29 200 api.js Show response
wearegreatagain.revv.co/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 11ms
10ms Script
text/javascript 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearegreatagain.revv.co/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /cdn-cgi/bm/cv/669835187/api.js
pragma: no-cache
cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: wearegreatagain.revv.co
referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
content-type: text/javascript
vary: Accept-Encoding
cache-control: max-age=604800, public
cf-ray: 654a179d5b05dfd7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a422d16530000dfd7da8ad000000001

GET
H2 200 Full_Color_Logo.jpg
d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/011/012/large/ 191 KB
192 KB 66ms
23ms Image
image/jpeg 13.224.195.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/logos/logo_assets/000/011/012/large/Full_Color_Logo.jpg
Requested by: Host: wearegreatagain.revv.co
URL: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9346aac425d92a891261c568a45170f0803069147b485e4bf5a6be995c6cc59

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 9JZcyFnJzmvvaCBgHjqww8BG1VAuPmBs
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
etag: "db6a78a4603db4728e8b3c7aaa4a2171"
last-modified: Thu, 06 Dec 2018 17:48:19 GMT
server: AmazonS3
age: 13606
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Mon, 24 May 2021 19:05:19 GMT
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 195601
x-amz-cf-id: vK9Qdj7yoE3RuDM1mlajcCmtzjus9CBxE5FcqO73RYtMZTHkg2Lx1g==

GET
H3-29 200 revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
wearegreatagain.revv.co/assets/ 2 KB
3 KB 136ms
136ms Image
image/webp 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://wearegreatagain.revv.co/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54dfbb3703e21e7f6c39b128067425a552070324d47063319ee64b1677e97dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

:path: /assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
pragma: no-cache
cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: wearegreatagain.revv.co
referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-amz-request-id: 9KXRHNZ7Y4EENY22
cf-polished: origFmt=png, origSize=2844
cf-ray: 654a179d8b73dfd7-FRA
content-disposition: inline; filename="revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.webp"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2152
x-amz-id-2: HWUoAQKR0QNFrU4wXyC/A63IrD9AA2IhwYp6Ogjf51ZENRqLDm3PK/KbToyefcB9xA99I37nLCA=
expires: Tue, 25 May 2021 02:52:04 GMT
last-modified: Tue, 18 May 2021 17:51:50 GMT
server: cloudflare
etag: "0bdbab7164f21196bc848a313a9e20e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains
x-amz-version-id: eLWyPimRszKy3VN2Kg4xoB5zPb.T9Iuv
vary: Accept
cache-control: public, max-age=14400
cf-request-id: 0a422d167a0000dfd7f8984000000001
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri,csam-hash

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
49 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

138d2abc4f8f6f4d28a8147ec731cd77bf3f1836dab3a5a8e99f284b472565c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49988
x-xss-protection: 0
last-modified: Mon, 24 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 May 2021 22:52:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 47ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24156
x-fb-rlafr: 0
pragma: public
x-fb-debug: 63aDVD8/tHnApyH7zA00KeySUAyakaInWaslautMU8UKcvSH/GPSkkKpNOnY+dlQ8MDLjdSozRyVpie/POHo+Q==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 24 May 2021 22:52:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
39 KB 42ms
41ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TKRDRPG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c43e433378a8e3745c4d150d84d912ca6406612383fbc8872438eec74518e400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40189
x-xss-protection: 0
last-modified: Mon, 24 May 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 May 2021 22:52:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1512
date: Mon, 24 May 2021 22:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 25 May 2021 00:26:52 GMT

GET
H2 200 08b752dc-e7af-4797-82a7-4b8aece13927-AP_TRUMP_MEDIA_98740273.jpg
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/026/821/large/ 394 KB
395 KB 30ms
29ms Image
image/jpeg 13.224.195.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/026/821/large/08b752dc-e7af-4797-82a7-4b8aece13927-AP_TRUMP_MEDIA_98740273.jpg
Requested by: Host: wearegreatagain.revv.co
URL: https://wearegreatagain.revv.co/stylesheets/rv_page_01f3zqnyqpnkvwcnm08prz64jt/1619194997.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-94.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fec3bf103438bbd661dcb2fa84044775d8eaff31d471c35cf069c9347b40309e

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Mon, 24 May 2021 12:06:09 GMT
via: 1.1 c7f7b4cf7fd5efe64bac95586db3f62b.cloudfront.net (CloudFront)
last-modified: Fri, 20 Dec 2019 15:20:00 GMT
server: AmazonS3
age: 38756
etag: "81419bb7be723a79487d4f22c1f9a8ee"
x-cache: Hit from cloudfront
x-amz-version-id: q8VAo66I9IzOqleT0CpHfSXYWgu22sr3
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 403886
x-amz-cf-id: -_82QMIao6iKUCVEYs9XxRveMohxIby5WkFOb4RBVZ5Gk85-R5G27A==

GET
H2 200 m-outer-257db74dfc4594d2bb652dc7b646dbc5.html Show response
js.stripe.com/v3/ Frame BF1D 215 B
532 B 7ms
6ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

177b03c6d80b7ba81412d538c1dbd74ba27c933a2cd8be0f802236e9f796d42e

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://wearegreatagain.revv.co/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://wearegreatagain.revv.co/

Response headers

x-amz-id-2: xxyuoGHP5u0HOJCa4BUN2lHtiEypUxdTnHbKkcti4r7e/b/aQLjNPbRpXddH6T+WqeMsn54w1ZI=
x-amz-request-id: HA1X66R2VCJ7D9CP
last-modified: Wed, 19 May 2021 22:00:34 GMT
etag: "257db74dfc4594d2bb652dc7b646dbc5"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: br
accept-ranges: bytes
date: Mon, 24 May 2021 22:52:04 GMT
via: 1.1 varnish
age: 239
x-served-by: cache-hhn4068-HHN
x-cache: HIT
x-cache-hits: 209
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: connect-src 'self'; default-src 'self'; font-src 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'
content-length: 129

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1335024538&t=pageview&_s=1&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&ul=en-us&de=UTF-8&dt=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1502977908&gjid=1186435489&cid=585064455.1621896724&tid=UA-84434001-2&_gid=538862148.1621896724&_r=1&_slc=1&z=396598141

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wearegreatagain.revv.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 1601753609962900 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 297ms
295ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1601753609962900?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a50b721b7215e1a8e5f847ed3483b9a8ebb1ef701b41d207cae00063869cc374

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: 0zh1oQSaLxyJycRnk9sDOSPWjWzHtfrNzwcHXJr0xy1h8K5Qk16RuG+05yAGsJmJGyCWXd7phut1BPufJLXLQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 24 May 2021 22:52:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 37ms
17ms Script
text/javascript 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TKRDRPG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14011
x-xss-protection: 0
server: cafe
etag: 7512236244504453440
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 May 2021 22:52:04 GMT

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 7 KB
3 KB 59ms
18ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: wearegreatagain.revv.co
URL: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 22:52:04 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Mar 2021 12:03:44 GMT
Server: AkamaiNetStorage
ETag: "c43e7f1b0459d05cce32768dd16af59b:1616414624.063318"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2864
Expires: Mon, 24 May 2021 23:12:04 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:54:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3448
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 24 May 2021 22:54:36 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
93 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-84434001-2&cid=585064455.1621896724&jid=1502977908&gjid=1186435489&_gid=538862148.1621896724&_u=IEBAAEAAAAAAAC~&z=1397224344

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 24 May 2021 22:52:04 GMT
content-type: text/plain
access-control-allow-origin: https://wearegreatagain.revv.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m-outer-b07c750376b94b0da646edc72e01a46a.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame BF1D 1 KB
809 B 7ms
7ms Script
application/javascript 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-b07c750376b94b0da646edc72e01a46a.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

45d29ba161d1bd7045e4061c1f010e9e427c2b7187f35f43f4ea77168fda261c

Security Headers

Name	Value
Content-Security-Policy	connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-257db74dfc4594d2bb652dc7b646dbc5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: br
vary: Accept-Encoding
age: 242
via: 1.1 varnish
x-cache: HIT
content-length: 630
x-amz-id-2: rILLDFWyMc4VA5Kb1XLmb806371uMYFuJdocNM0S44IcYX0xI4aKEuUUYS5proo04qxj63e5Vig=
x-served-by: cache-hhn4068-HHN
timing-allow-origin: *
last-modified: Wed, 19 May 2021 22:00:35 GMT
server: AmazonS3
etag: "ae48007340e7711406d5c8c60a6c92fe"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: 0XJTJ07EXTVMSCTT
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: connect-src 'self' https://api.stripe.com https://errors.stripe.com; default-src 'self'; font-src data: https:; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; media-src 'none'; object-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 207

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
111 B 19ms
18ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-84434001-2&cid=585064455.1621896724&jid=1502977908&_u=IEBAAEAAAAAAAC~&z=614666082

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
18ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-84434001-2&cid=585064455.1621896724&jid=1502977908&_u=IEBAAEAAAAAAAC~&z=614666082

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 result Show response
wearegreatagain.revv.co/cdn-cgi/bm/cv/ 0
554 B 11ms
10ms XHR
text/plain 2606:4700:10::6814:543
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://wearegreatagain.revv.co/cdn-cgi/bm/cv/result?req_id=654a179b3a1b4e44

Requested by

Host: wearegreatagain.revv.co
URL: https://wearegreatagain.revv.co/cdn-cgi/bm/cv/669835187/api.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:543 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
origin: https://wearegreatagain.revv.co
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: _revv_v3_session=MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3; __cf_bm=0c0f516e0c9aa3d9e74a44a08d0ff405f369d546-1621896723-1800-AbrhfmWE5kwxYb+KmXs0OkTP7qGyVwgSUN45OuQIrD0hNANWi1dCpJ0MSfMfl68BWd/q0BhJH4kff/g7fjtqLFcSoJXGFyRwtNU7wKyvO2t3; _ga=GA1.2.585064455.1621896724; _gid=GA1.2.538862148.1621896724; _gat=1; _gcl_au=1.1.104047367.1621896724
content-length: 592
:path: /cdn-cgi/bm/cv/result?req_id=654a179b3a1b4e44
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: wearegreatagain.revv.co
referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
set-cookie: __cf_bm=4c34a8c10ba5d7a71400e0db2d046ad1bfa83d1c-1621896724-1800-ATtMlOO2KD4gIy8fLNQvZKaYRf0ZfkaLwsDmeduVdb9BoUa9ka5bKrQKBvwXIay8FadGEn8I91LnJ7938rdkQZ/U7dC2TTPc64xhbqpFZ1lBLOIh0MkEB4tA0xBAqUhs/nyzVkynhuHIBPOiHj3MAgFzQ4scje26VRv/Fi5kq2eJAcwhZc92lQE1MEUGPqOcI5aBsHdncVftNt1IJJTQQc8=; path=/; expires=Mon, 24-May-21 23:22:04 GMT; domain=.revv.co; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=0; includeSubDomains
cf-ray: 654a179f0d39dfd7-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0a422d17610000dfd71402a000000001

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 31ms
16ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-73658561-7&cid=585064455.1621896724&jid=1372899593&gjid=1884731471&_gid=538862148.1621896724&_u=aGDAgEALAAAAAG~&z=2098804664

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 24 May 2021 22:52:04 GMT
content-type: text/plain
access-control-allow-origin: https://wearegreatagain.revv.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1335024538&t=pageview&_s=1&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&ul=en-us&de=UTF-8&dt=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEALAAAAAC~&jid=1372899593&gjid=1884731471&cid=585064455.1621896724&tid=UA-73658561-7&_gid=538862148.1621896724&gtm=2wg5j0NTQZ9N&z=12480717

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 10:32:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44360
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FCD9 33 KB
12 KB 8ms
7ms Document
text/html 151.101.112.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-b07c750376b94b0da646edc72e01a46a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.112.176 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

server: nginx
content-type: text/html; charset=utf-8
last-modified: Tue, 18 May 2021 19:19:33 GMT
etag: W/"60a41345-84a0"
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: public, max-age=300
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com https://stripensrq.global.ssl.fastly.net/; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 24 May 2021 22:52:04 GMT
age: 230
x-served-by: cache-sea4443-SEA, cache-hhn4068-HHN
x-cache: HIT, HIT
x-cache-hits: 2, 235
x-timer: S1621896724.329119,VS0,VE0
vary: Accept-Encoding
content-length: 12226

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/664997147/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/664997147/?random=1621896724329&cv=9&fst=1621896724329&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&tiba=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d88df254131de2d4ef5a6dd5dd15bddd930e6d498c5c58200bd918b84ca286cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
239 B 354ms
94ms Script
application/javascript 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=00beaa34f75dc651eac24ccb91dbd845b6
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: gzip
X-TraceId: a67a6c12bac3290d82f6b19df92e0b31
Content-Length: 56
Content-Type: application/javascript

GET
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 43 B
256 B 348ms
87ms Image
image/gif 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.outbrain.com/unifiedPixel?marketerId=00beaa34f75dc651eac24ccb91dbd845b6&obApiVersion=1.1&obtpVersion=1.4.1&name=PAGE_VIEW&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&optOut=false&bust=07324118700159741
Requested by: Host: wearegreatagain.revv.co
URL: https://wearegreatagain.revv.co/wa_sur_om_fb_mw-rm_di_2021-4-23/?utm_source=fb&utm_medium=ad&utm_campaign=031721_wa_pet_om_fb_bo-ci_di_2021-3-17&utm_term=djt&utm_content=1x1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 24 May 2021 22:52:04 GMT
Cache-Control: no-cache
X-TraceId: 16be42438995c5cb8ef83cc83f4d55d7
content-encoding: gzip
Content-Length: 60
Content-Type: image/gif;

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-73658561-7&cid=585064455.1621896724&jid=1372899593&_u=aGDAgEALAAAAAG~&z=1238348680

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 25ms
23ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-73658561-7&cid=585064455.1621896724&jid=1372899593&_u=aGDAgEALAAAAAG~&z=1238348680

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/664997147/ 42 B
64 B 22ms
21ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/664997147/?random=1621896724329&cv=9&fst=1621893600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&tiba=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&async=1&fmt=3&is_vtc=1&random=1730738417&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/664997147/ 42 B
64 B 22ms
22ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/664997147/?random=1621896724329&cv=9&fst=1621893600000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg5j0&sendb=1&frm=0&url=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&tiba=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&async=1&fmt=3&is_vtc=1&random=1730738417&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame FCD9 156 B
517 B 560ms
188ms XHR
text/plain 35.155.95.221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.155.95.221 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-155-95-221.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

e81edd311f39e839b847db0be95a9366c2a572cb4064ebc641c964a07f69fa32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

GET
H3-29 200 1034238416773083 Show response
connect.facebook.net/signals/config/ 255 KB
73 KB 165ms
164ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1034238416773083?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7b9c3b50bc2db688bf0fcd468b63bf13fd73c4a4f6baf2d63fd1b89926247209

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: HnVWNDQHyVM5V79fTEXc04GWwJBIA+3erItmPo+tHhNVDyOfDmoy8c7ngCMhB5/GDV0dP6qq66wh7ClzBZhNzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 24 May 2021 22:52:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 48ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1601753609962900&ev=PageView&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&rl=&if=false&ts=1621896724573&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&fbp=fb.1.1621896724571.1865429926&it=1621896724227&coo=false&exp=l1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 May 2021 22:52:04 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 48ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1601753609962900&ev=CompleteRegistration&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&rl=&if=false&ts=1621896724576&sw=1600&sh=1200&v=2.9.40&r=stable&ec=1&o=30&fbp=fb.1.1621896724571.1865429926&it=1621896724227&coo=false&exp=l1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 May 2021 22:52:04 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
16ms Image
image/gif 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1034238416773083&ev=PageView&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&rl=&if=false&ts=1621896724760&sw=1600&sh=1200&v=2.9.40&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22694994114288696%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22441318496433650%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1621896724571.1865429926&it=1621896724227&coo=false&exp=l1&rqm=GET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 22:52:04 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Mon, 24 May 2021 22:52:04 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1335024538&t=timing&_s=2&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&ul=en-us&de=UTF-8&dt=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1089&pdt=3&dns=11&rrt=0&srt=153&tcp=18&dit=490&clt=490&_gst=432&_gbt=514&_cst=194&_cbt=529&_u=aGDACEALBAAAAG~&jid=&gjid=&cid=585064455.1621896724&tid=UA-84434001-2&_gid=538862148.1621896724&z=1068590696

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 10:32:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44360
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
5ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1335024538&t=timing&_s=2&dl=https%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&ul=en-us&de=UTF-8&dt=Take%20the%20OFFICIAL%20WAGA%20Survey%20now!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1089&pdt=3&dns=11&rrt=0&srt=153&tcp=18&dit=490&clt=490&_gst=432&_gbt=514&_cst=194&_cbt=529&_u=aGDAiEALBAAAAG~&jid=&gjid=&cid=585064455.1621896724&tid=UA-73658561-7&_gid=538862148.1621896724&gtm=2wg5j0NTQZ9N&z=133871161

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 10:32:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44360
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 16ms
16ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarybqJVwYOkNzqC4W0A

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 24 May 2021 22:52:05 GMT
content-type: text/plain
access-control-allow-origin: https://wearegreatagain.revv.co
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 16ms
15ms Ping
text/plain 2a03:2880:f130:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f130:83:face:b00c:0:25de , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryF6MtHRAkdA6ZdlSb

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 24 May 2021 22:52:05 GMT
content-type: text/plain
access-control-allow-origin: https://wearegreatagain.revv.co
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H3-29 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ 85 KB
31 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 17:57:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 17699
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31670
x-xss-protection: 0
expires: Tue, 24 May 2022 17:57:10 GMT

GET
H3-29 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ 280 KB
86 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&libraries=places

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 11:49:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 39742
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87588
x-xss-protection: 0
expires: Tue, 24 May 2022 11:49:47 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 24ms
24ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwearegreatagain.revv.co%2Fwa_sur_om_fb_mw-rm_di_2021-4-23%2F%3Futm_source%3Dfb%26utm_medium%3Dad%26utm_campaign%3D031721_wa_pet_om_fb_bo-ci_di_2021-3-17%26utm_term%3Ddjt%26utm_content%3D1x1&4sAIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&callback=_xdc_._cx8x5n&key=AIzaSyDGBR6MmEzkdkem9Ci2VrraiYLneizw9Rg&token=68033

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0b243ee6149a6c381e33311c3105e800b3c20f5f3fc95c5284a217766dc016c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://wearegreatagain.revv.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 May 2021 22:52:09 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=10
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.revv.co/	1970-01-19 18:31:38	Name: __cf_bm Value: 4c34a8c10ba5d7a71400e0db2d046ad1bfa83d1c-1621896724-1800-ATtMlOO2KD4gIy8fLNQvZKaYRf0ZfkaLwsDmeduVdb9BoUa9ka5bKrQKBvwXIay8FadGEn8I91LnJ7938rdkQZ/U7dC2TTPc64xhbqpFZ1lBLOIh0MkEB4tA0xBAqUhs/nyzVkynhuHIBPOiHj3MAgFzQ4scje26VRv/Fi5kq2eJAcwhZc92lQE1MEUGPqOcI5aBsHdncVftNt1IJJTQQc8=
.revv.co/	1970-01-19 18:31:36	Name: _dc_gtm_UA-73658561-7 Value: 1
wearegreatagain.revv.co/	1970-01-19 18:31:37	Name: outbrain_cid_fetch Value: true
.revv.co/	1970-01-19 20:41:12	Name: _gcl_au Value: 1.1.104047367.1621896724
.revv.co/	1970-01-19 18:31:36	Name: _gat Value: 1
.revv.co/	1970-01-19 18:33:03	Name: _gid Value: GA1.2.538862148.1621896724
.revv.co/	1970-01-20 12:02:48	Name: _ga Value: GA1.2.585064455.1621896724
.revv.co/	1970-01-19 20:41:12	Name: _fbp Value: fb.1.1621896724571.1865429926
.revv.co/	1969-12-31 23:59:59	Name: _revv_v3_session Value: MUYyVEtIeG5tOW1qRlpCVHQvQTdpaXdpOWltQmtPVjJmaXNobWRSTWdYS2dvYVcxbXM1UG9TY2pINjRrMzh1NWxwT3JWSTNFVStZYmh0dm1FdFdhTThmVnREcGlONVZNSDVRWVdwb2V1Tm90WU5TaXFEMkNUZE5ISnJ3QzM3b1l3MnVDZzF4aTI1UzRvN1dKUnladnVOQTJTdEJ6clZyR2YvVVltWXp0N1FKVThDaWJhdUlaaG5XYkhZeHZEc1ZLZGdkeCtyMjlwRDBpTEtrZGt6ME5XMjdhZWRpWXJPTVJzRFQ0RnNzN29Fa2s3aWFSMFlwZlM3dElrMk5ybitlUm5FZHdXOURsaUlJQUtFNFcxbWgra2VTSzhBUWFNcHB1QkRja1Z5QW5odnJIU0pCS3ljUHlFbHVjYkhtbERxV0twVnVoL3ZPUzVSbUtvY3hHQmV6cDc5REV3QTJQK2hJS1FlTnRWclYrSWg2SnJXeFlXTnkvMjhnMDZzQ0tCSm5SaDF1ajBJK1oxcExQKzRJSUdOcUplUWJZK1ZUdHl5KzZpT3RVTG9BZlphSVNNaUZ0SHowOUJISkVCZDVSc2dlY3U4eWZ0b2tybDFvbkpCcEJyUWRDMDJ0UFhiVjEycHV6anNncytDLzJQYkJxZ2RKYXB5eHI3N29oU211OHQ2NjBESkRoZW5jT2g1N0ptWVNCZ2ZDbldCRk1zdERqTmlUSkl5dGEwYU5aZmVERkYrVllKdFkrTGFhQ013czdZRkh4LS12OGpHTjRnb1VlRStlS0c4UElOQ0tBPT0%3D--36f228bbec3cbfaa682cfe6868bdc71b99dfdcb3

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 24) Message: [Facebook Pixel] - Duplicate Pixel ID: 1601753609962900.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
googleads.g.doubleclick.net
js.stripe.com
m.stripe.com
m.stripe.network
maps.googleapis.com
stats.g.doubleclick.net
tr.outbrain.com
wearegreatagain.revv.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.224.195.94
142.250.184.194
151.101.112.176
2.18.234.190
2606:4700:10::6814:543
2a00:1450:4001:802::2004
2a00:1450:4001:808::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c04::9a
2a00:1450:400c:c07::9d
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f130:83:face:b00c:0:25de
35.155.95.221
64.202.112.95
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0b243ee6149a6c381e33311c3105e800b3c20f5f3fc95c5284a217766dc016c0
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
138d2abc4f8f6f4d28a8147ec731cd77bf3f1836dab3a5a8e99f284b472565c6
177b03c6d80b7ba81412d538c1dbd74ba27c933a2cd8be0f802236e9f796d42e
18f9bba277680306e22679356e9881ea31c1349734930a56a60e2d98a459d92a
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
45d29ba161d1bd7045e4061c1f010e9e427c2b7187f35f43f4ea77168fda261c
506df44f82ef782e6f5c6a7832dfd2be0638b393dca0c8d0964c616e296c83a4
54dfbb3703e21e7f6c39b128067425a552070324d47063319ee64b1677e97dcf
63429c42ee14e4837aceda0ee0546b64f0d424d9401e94948625e17d126e7778
6c46578e19bc4425e5267bd7d49fd0edc3f007b581dcb17895e1cc370182c587
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
7b9c3b50bc2db688bf0fcd468b63bf13fd73c4a4f6baf2d63fd1b89926247209
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8eecd2d391ab1d4087f14731d93e503fc639fa56076befdcbbbdf51e90388e64
a0375a9d4c43f533589c96ecfff34f146e5575279b364bed4ca518c168fce7fb
a50b721b7215e1a8e5f847ed3483b9a8ebb1ef701b41d207cae00063869cc374
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
ba6856b3aa462b18c9f5fc3b0d553eca0fe0f03d5ff668ba7d465394c85896b1
c43e433378a8e3745c4d150d84d912ca6406612383fbc8872438eec74518e400
c7119fd70f6d0d56dfe45d1d70523f07c1484c738e714d60e2f117da5730609d
d88df254131de2d4ef5a6dd5dd15bddd930e6d498c5c58200bd918b84ca286cc
d9346aac425d92a891261c568a45170f0803069147b485e4bf5a6be995c6cc59
df31535425de158e81ba8af5e91eac9efa7acb4273468d0b1543f57ea45ad2ff
e15eca5878352d8972f4e93b9aed80e34860514c23bfe9ee0a01767a291cf28a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e81edd311f39e839b847db0be95a9366c2a572cb4064ebc641c964a07f69fa32
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fec3bf103438bbd661dcb2fa84044775d8eaff31d471c35cf069c9347b40309e

wearegreatagain.revv.co Open in urlscan Pro 2606:4700:10::6814:543 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

47 Requests

100 %HTTPS

71 %IPv6

14 Domains

17 Subdomains

21 IPs

4 Countries

1327 kBTransfer

3248 kBSize

9 Cookies

5 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wearegreatagain.revv.co Open in urlscan Pro
2606:4700:10::6814:543 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

100 %
HTTPS

71 %
IPv6

14
Domains

17
Subdomains

21
IPs

4
Countries

1327 kB
Transfer

3248 kB
Size

9
Cookies

47 HTTP transactions
0 data transactions