urlscan.io logo urlscan.io
SecurityTrails logo

act.devinnunes.com Open in urlscan Pro
104.154.121.146  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paracom.paramountcommunication.com/ct/51480410:stA3PswIN:m:1:2149253348:BD5A22DFE799381C359C3BF2AC3C29E2:r
Effective URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_O...
Submission: On May 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 2 countries across 10 domains to perform 23 HTTP transactions. The main IP is 104.154.121.146, located in Mountain View, United States and belongs to GOOGLE - Google LLC, US. The main domain is act.devinnunes.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on April 25th 2019. Valid for: 3 months.
This is the only time act.devinnunes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.166.43.161 16509 (AMAZON-02)
3 104.154.121.146 15169 (GOOGLE)
8 2600:9000:204... 16509 (AMAZON-02)
2 52.200.31.174 14618 (AMAZON-AES)
1 52.216.134.53 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 151.101.2.110 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.210.130.157 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.216.86.189 16509 (AMAZON-02)
23 10
1    35.166.43.161 (Boardman, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-35-166-43-161.us-west-2.compute.amazonaws.com
paracom.paramountcommunication.com
3    104.154.121.146 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 146.121.154.104.bc.googleusercontent.com
act.devinnunes.com
8    2600:9000:2047:3000:14:71e7:1f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
secure.victorypassport.com
2    52.200.31.174 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-200-31-174.compute-1.amazonaws.com
s.crowdskout.com
a.crowdskout.com
1    52.216.134.53 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
s3.amazonaws.com
3    2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.youtube.com
www.google-analytics.com
1    151.101.2.110 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)
fast.wistia.net
1    2a00:1450:4001:820::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
s.ytimg.com
2    18.210.130.157 (Cambridge, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-18-210-130-157.compute-1.amazonaws.com
a.crowdskout.com
1    2a00:1450:4001:818::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    52.216.86.189 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
Domain Requested by
8 secure.victorypassport.com act.devinnunes.com
secure.victorypassport.com
3 a.crowdskout.com s.crowdskout.com
act.devinnunes.com
3 act.devinnunes.com act.devinnunes.com
2 www.google-analytics.com secure.victorypassport.com
act.devinnunes.com
2 s3.amazonaws.com act.devinnunes.com
1 www.googletagmanager.com secure.victorypassport.com
1 s.ytimg.com www.youtube.com
1 fast.wistia.net s.crowdskout.com
1 www.youtube.com s.crowdskout.com
1 s.crowdskout.com act.devinnunes.com
1 paracom.paramountcommunication.com 1 redirects
23 11

This site contains no links.

Subject Issuer Validity Valid
act.devinnunes.com
Let's Encrypt Authority X3		 2019-04-25 -
2019-07-24		 3 months crt.sh
*.victorypassport.com
Amazon		 2019-02-05 -
2020-03-05		 a year crt.sh
*.crowdskout.com
Go Daddy Secure Certificate Authority - G2		 2019-02-07 -
2021-02-22		 2 years crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2018-12-03 -
2019-10-25		 a year crt.sh
*.google.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-16 -
2019-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Frame ID: A5260D2E97E94300640E5EACAEE82588
Requests: 22 HTTP requests in this frame

Frame: https://secure.victorypassport.com/pages/nunes/stand-with-devin-top-target-jd?location=https%3A%2F%2Fact.devinnunes.com%2Fdonate%2Fdevin-top-target-jd&location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM%3D
Frame ID: E04D2FEBC25878A7B3CB95859C11E30E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paracom.paramountcommunication.com/ct/51480410:stA3PswIN:m:1:2149253348:BD5A22DFE799381C359C3BF2AC3C29E2:r HTTP 302
    https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_c... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • env /^Mustache$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i

Page Statistics

23
Requests

100 %
HTTPS

36 %
IPv6

10
Domains

11
Subdomains

10
IPs

2
Countries

791 kB
Transfer

1416 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paracom.paramountcommunication.com/ct/51480410:stA3PswIN:m:1:2149253348:BD5A22DFE799381C359C3BF2AC3C29E2:r HTTP 302
    https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
act.devinnunes.com/donate/devin-top-target-jd/
Redirect Chain
  • http://paracom.paramountcommunication.com/ct/51480410:stA3PswIN:m:1:2149253348:BD5A22DFE799381C359C3BF2AC3C29E2:r
  • https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.121.146 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
146.121.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
a3739a52429c41d5bc529f85bbd634e4930b7fc7686a77236d95c08951a49242

Request headers

:method
GET
:authority
act.devinnunes.com
:scheme
https
:path
/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
200
server
nginx
date
Fri, 03 May 2019 12:06:15 GMT
content-type
text/html; charset=UTF-8
content-length
1071
link
<https://act.devinnunes.com/wp-json/>; rel="https://api.w.org/" <https://act.devinnunes.com/?p=115>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip
wpe-backend
apache
x-type
nocachearg

Redirect headers

Date
Fri, 03 May 2019 12:06:14 GMT
Content-Type
text/html; charset=utf-8
Content-Length
2703
Connection
keep-alive
Set-Cookie
AWSALB=oYsRetfQtsWTbyzzeMq+PQ8YkZQXsoGY6fR5EBHisMT9/Ru0n04uTBpp5eCOzOpHoqyGGP2VtSHzCVSyNSJ2IRRUjabXZPGaU66XfGiHXnkbivpBzQ6Fu4BKWeik; Expires=Fri, 10 May 2019 12:06:14 GMT; Path=/
Server
Apache
Vary
X-Forwarded-Proto,Accept-Encoding
AMFplus-Ver
1.4.0.0
Cache-Control
no-cache
Pragma
no-cache
Location
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Content-Encoding
gzip
download.png
act.devinnunes.com/wp-content/uploads/sites/4/2018/10/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.devinnunes.com/wp-content/uploads/sites/4/2018/10/download.png
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.121.146 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
146.121.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
00e4201d5a21a329c6cd273b51ed4bbd879a4eeb7e0ac42dd2a5e1a8a9bc7cbc

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Fri, 03 May 2019 12:06:15 GMT
last-modified
Mon, 01 Oct 2018 19:12:29 GMT
server
nginx
access-control-allow-origin
*
etag
"5bb2719d-5aa6"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
public, max-age=30
accept-ranges
bytes
content-length
23206
jigsaw_initial
secure.victorypassport.com/scripts/ 		813 B
1008 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/scripts/jigsaw_initial
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.2
x-cache
Miss from cloudfront
status
200, 200 OK
strict-transport-security
max-age=31536000; includeSubDomains
content-length
389
x-xss-protection
1; mode=block
x-request-id
aa48903a-d792-488b-9050-b7499ae17e53
x-runtime
0.006946
server
nginx/1.15.8 + Phusion Passenger 6.0.2
etag
W/"9a95a26d3ddf3552a8232e66f655e93c"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
TtcHjmxUF8TQqeqMeFAB7imRsafA4TjxCDMEuGz7RkcgKmiAEozqWA==
cp
CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
theme.css
act.devinnunes.com/wp-content/themes/child-theme/css/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.devinnunes.com/wp-content/themes/child-theme/css/theme.css?ver=5.1.1
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.121.146 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
146.121.154.104.bc.googleusercontent.com
Software
nginx /
Resource Hash
57a43f54978ac6caeba8f7ae8cd0fae924ab758f658b1cfbc89583072784b154

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-type
static/known
date
Fri, 03 May 2019 12:06:15 GMT
content-encoding
gzip
last-modified
Mon, 14 Jan 2019 16:43:03 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5c3cbc17-3498"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
public, max-age=30
jigsaw.css
secure.victorypassport.com/styles/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/styles/jigsaw.css?ver=5.1.1
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
90bb02f6ecf35736191e8f4120b6bfdd3c9f74b910396febdb0b34ba6df899f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.2
x-cache
Miss from cloudfront
status
200, 200 OK
content-length
567
x-xss-protection
1; mode=block
x-request-id
f055e485-37fd-418d-b8de-c550f83abee8
x-runtime
0.009559
server
nginx/1.15.8 + Phusion Passenger 6.0.2
etag
W/"8f4343431d941b7f39d34583da2b4fca"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
kf5WA-wIjIptWhVLJtcQXtVxTeA8nQnbuMM2QmbynuofTvb_caT02Q==
jigsaw.css
secure.victorypassport.com/styles/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/styles/jigsaw.css?location_url=https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw_initial
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
90bb02f6ecf35736191e8f4120b6bfdd3c9f74b910396febdb0b34ba6df899f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.2
x-cache
Miss from cloudfront
status
200, 200 OK
content-length
567
x-xss-protection
1; mode=block
x-request-id
b055b462-fe81-4183-9eb9-003f8900d545
x-runtime
0.008912
server
nginx/1.15.8 + Phusion Passenger 6.0.2
etag
W/"8f4343431d941b7f39d34583da2b4fca"
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
J3umJqvbJrT3ntTSowYcyLB0Hsd8k0M-anuv7BaMUtKFCawgFIyhRw==
jigsaw
secure.victorypassport.com/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM=
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw_initial
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
a2b4a984af0f414e1e91d189c9160a4c0d16c794662366283d70da29259c8966
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.2
x-cache
Miss from cloudfront
status
200, 200 OK
strict-transport-security
max-age=31536000; includeSubDomains
content-length
996
x-xss-protection
1; mode=block
x-request-id
323a633f-7045-42d7-a186-9794c2d3743d
x-runtime
0.011309
server
nginx/1.15.8 + Phusion Passenger 6.0.2
etag
W/"8940997d36812857a03ce21fca6866c5"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
cache-control
max-age=0, private, must-revalidate
x-amz-cf-id
a5R5avG0UavfSET5odhqXsmEaDFT5t-WtCBgytPgulwKGzTZ7O-csw==
cp
CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
analytics.js
s.crowdskout.com/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.crowdskout.com/analytics.js
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.200.31.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-200-31-174.compute-1.amazonaws.com
Software
openresty /
Resource Hash
24b8df93ce3f800e0b7c6994e3d6f6dc215753c10551144830b96f15d4801d80

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
content-encoding
gzip
last-modified
Fri, 26 Apr 2019 15:08:26 GMT
server
openresty
etag
W/"5cc31eea-6c33"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=86400
expires
Sat, 04 May 2019 12:06:16 GMT
a39977bb-f32d-4f34-9b50-fb063b04b021.jpg
s3.amazonaws.com/mystique.victorypassport.com/donation_page/5276/page_background_image/ 		569 KB
569 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/mystique.victorypassport.com/donation_page/5276/page_background_image/a39977bb-f32d-4f34-9b50-fb063b04b021.jpg
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.134.53 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c2416c7a599425caf512ac98111e28bb5935aeb42c2ba1892f9f6157587a5022

Request headers

Referer
https://secure.victorypassport.com/styles/jigsaw.css?ver=5.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 03 May 2019 12:06:17 GMT
Last-Modified
Wed, 20 Mar 2019 14:31:45 GMT
Server
AmazonS3
x-amz-request-id
F283CB95C288D232
ETag
"0c81a939ca5e6c99a3269fb680a8f978"
Content-Type
image/jpeg
Cache-Control
max-age=604800
Accept-Ranges
bytes
Content-Length
582227
x-amz-id-2
BlMsH+FCKeKmDGLHrqeN18UdzmvSNfiIBQPyfHlonPGpzj/PRvnnd7foLoLQZYdQOs7I3k4/PZ4=
Expires
Wed, 27 Mar 2019 00:43:36 GMT
skout.js
a.crowdskout.com/ 		548 B
573 B 		Script
General
Check archive.org
Download Go to
Full URL
https://a.crowdskout.com/skout.js
Requested by
Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.200.31.174 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-200-31-174.compute-1.amazonaws.com
Software
openresty /
Resource Hash
b0b26c55d4430dd22871395c41b4a2369e14da8214aed720a48ade38495f71f1

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
content-encoding
gzip
server
openresty
access-control-allow-origin
*
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000, private
iframe_api
www.youtube.com/ 		859 B
929 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
YouTube Frontend Proxy /
Resource Hash
0011d060f6576c17cf393c03cbf211b9bef4138b8edb247a1c2bdda673cda366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
x-content-type-options
nosniff
server
YouTube Frontend Proxy
content-type
application/javascript
status
200
cache-control
no-cache
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
859
x-xss-protection
0
expires
Tue, 27 Apr 1971 19:44:06 EST
E-v1.js
fast.wistia.net/assets/external/ 		552 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.net/assets/external/E-v1.js
Requested by
Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
eb8b4c37be5d3108f30fc603f2c1d28a5821b441ebc0eee301163998ddb38c44
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
content-encoding
br
age
3551
x-cache
HIT, HIT
status
200
strict-transport-security
max-age=0
content-length
108476
via
1.1 varnish, 1.1 varnish
x-served-by
cache-sea1051-SEA, cache-hhn1530-HHN
x-browser-version
67
last-modified
Thu, 02 May 2019 19:48:26 GMT
x-timer
S1556885176.144634,VS0,VE0
etag
"5ccb498a-1a7bc"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
3, 400
stand-with-devin-top-target-jd
secure.victorypassport.com/pages/nunes/ Frame E04D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/pages/nunes/stand-with-devin-top-target-jd?location=https%3A%2F%2Fact.devinnunes.com%2Fdonate%2Fdevin-top-target-jd&location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM%3D
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
secure.victorypassport.com
:scheme
https
:path
/pages/nunes/stand-with-devin-top-target-jd?location=https%3A%2F%2Fact.devinnunes.com%2Fdonate%2Fdevin-top-target-jd&location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=

Response headers

status
200 200 OK
content-type
text/html; charset=utf-8
content-length
7317
cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
cp
CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
date
Fri, 03 May 2019 12:06:16 GMT
etag
W/"eea59131668f561a21717f5c2b90690a"
server
nginx/1.15.8 + Phusion Passenger 6.0.2
set-cookie
_mystique_session=VWVmaUg4UjBCWkZJOGNLVXd6Rjk2WkVKNlJlaXAvYUZIZkM1ZUxOOC8rdDloeDVJeXN2a2Rac2d2WVRUQzc4OEhKcThBSkF0b25vY2kzOUYzd25nMHhuS2ZaUy8zenZyMjBaREVGOUY4L283M2lIdnRjUDVZQXRPYmFoUGdhYzhjZktkSitXRWRSVHVXUitPTEdaK0hBPT0tLTY0S1NteENCaGY5emZMcTFGK01CWGc9PQ%3D%3D--677dde2e6770d798c81a79c138d1b4d0d09aec3d; path=/; expires=Sat, 02 May 2020 18:06:16 -0000; secure; HttpOnly
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-powered-by
Phusion Passenger 6.0.2
x-request-id
fb460a1c-11e1-43e1-a57d-377a33a13e23
x-runtime
0.029561
x-xss-protection
1; mode=block
x-cache
Miss from cloudfront
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
x-amz-cf-id
oeNTsSFlmEP7JQZgmhomV-7ILtLN7VvB0LApaBlh6CHEda3OWTdKwg==
application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
secure.victorypassport.com/assets/jackal/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 02 May 2019 14:22:14 GMT
content-encoding
gzip
last-modified
Mon, 01 Oct 2018 19:54:05 GMT
server
nginx/1.15.8
age
78242
x-cache
Hit from cloudfront
content-type
text/css
status
200
cache-control
max-age=315360000, public
content-length
4419
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
x-amz-cf-id
vMVHaqlDJ7ThRxusNFaAzXvVHalTr0XpRM3Ku1D4ygbvBXK_tHjQAQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
secure.victorypassport.com/assets/jackal/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9hY3QuZGV2aW5udW5lcy5jb20vZG9uYXRlL2RldmluLXRvcC10YXJnZXQtamQvP3V0bV9zb3VyY2U9UHJvc3BlY3RpbmcmdXRtX21lZGl1bT1IQS1FbWFpbCZ1dG1fY2FtcGFpZ249MjAxOS4wNS4wMl9PbnRoZW9mZmVuc2VKRF9ETl9KRCZ1dG1fY29udGVudD1CdXR0b24mcmVjdXJyaW5nPXRydWUmYW1vdW50PSM=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:04:54 GMT
content-encoding
gzip
last-modified
Tue, 08 Jan 2019 03:09:01 GMT
server
nginx/1.15.8
age
82
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=315360000, public
content-length
9742
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
x-amz-cf-id
nBdUKLgdXw4dPmLCgQEFEg2yZCDmTavDkkoBVjnELopUOobcnPkKJg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
www-widgetapi.js
s.ytimg.com/yts/jsbin/www-widgetapi-vfl9cGVgZ/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl9cGVgZ/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7c3eca218afc1869a365fac68fac54b1dd93d0531cc2abe49860d6e3db8983c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6881
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
8035
x-xss-protection
0
last-modified
Thu, 02 May 2019 02:50:40 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=691200
accept-ranges
bytes
timing-allow-origin
https://www.youtube.com
expires
Sat, 11 May 2019 10:11:35 GMT
circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
secure.victorypassport.com/assets/ 		444 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.victorypassport.com/assets/circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2047:3000:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c

Request headers

Referer
https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sun, 28 Apr 2019 02:12:35 GMT
via
1.1 e9cb084a7980d1028202eee7e07a5589.cloudfront.net (CloudFront)
last-modified
Mon, 01 Oct 2018 19:53:09 GMT
server
nginx/1.15.8
age
467621
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
444
x-amz-cf-id
V6vLGzGsb8WqqKCc0Pb6_nI9hcCL4gMd3krKlOyFiCQ1qtQo6Ov0Jw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
page-view
a.crowdskout.com/v1-1/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.crowdskout.com/v1-1/page-view
Requested by
Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.130.157 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-210-130-157.compute-1.amazonaws.com
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://act.devinnunes.com
Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
server
openresty
access-control-allow-origin
https://act.devinnunes.com
access-control-max-age
86400
access-control-allow-methods
GET,OPTIONS,HEAD,PUT,POST,DELETE
status
204
access-control-allow-credentials
true
access-control-allow-headers
Origin,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Requested-With,Token,Bearer,X-File-Name,Strict-Transport-Security
content-length
0
page-view
a.crowdskout.com/v1-1/ 		2 B
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.crowdskout.com/v1-1/page-view
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.210.130.157 Cambridge, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-210-130-157.compute-1.amazonaws.com
Software
openresty /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Origin
https://act.devinnunes.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 03 May 2019 12:06:16 GMT
content-encoding
gzip
server
openresty
status
200
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
gtm.js
www.googletagmanager.com/ 		87 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5WDLTFM
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
e7c94819ca7e3311201f28d7680b6e8b4b6cd1873e769a594077a877cd4d8b6b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 03 May 2019 12:06:17 GMT
content-encoding
br
last-modified
Thu, 02 May 2019 20:19:53 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
22000
x-xss-protection
0
expires
Fri, 03 May 2019 12:06:17 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: secure.victorypassport.com
URL: https://secure.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2028
date
Fri, 03 May 2019 11:32:29 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Fri, 03 May 2019 13:32:29 GMT
VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/assets.victorypassport.com/fonts/VictoryPassport.ttf
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.86.189 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://secure.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Origin
https://act.devinnunes.com

Response headers

Date
Fri, 03 May 2019 12:06:18 GMT
Last-Modified
Wed, 01 Jul 2015 02:35:45 GMT
Server
AmazonS3
x-amz-request-id
EB50FB9E06A2B8F3
ETag
"7d80bd6dc0d2e81dc2274a2b29799949"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Accept-Ranges
bytes
Content-Length
10804
x-amz-id-2
a9zKg2MaBA9ZEb3q4xpAgynfCUxZoo7wvo+f4uJAgAmZ9FWn/xxdwDhjGTJiZhYlLVC7XiLMN+s=
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1532833035&t=pageview&_s=1&dl=https%3A%2F%2Fact.devinnunes.com%2Fdonate%2Fdevin-top-target-jd%2F%3Futm_source%3DProspecting%26utm_medium%3DHA-Email%26utm_campaign%3D2019.05.02_OntheoffenseJD_DN_JD%26utm_content%3DButton%26recurring%3Dtrue%26amount%3D&ul=en-us&de=UTF-8&dt=Donate%20-%20Devin%20Top%20Target%20JD%20-%20Devin%20Nunes%20for%20Congress&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1675115417&gjid=259080816&cid=561573765.1556885177&tid=UA-132457920-1&_gid=2140019461.1556885177&_r=1&z=625527097
Requested by
Host: act.devinnunes.com
URL: https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act.devinnunes.com/donate/devin-top-target-jd/?utm_source=Prospecting&utm_medium=HA-Email&utm_campaign=2019.05.02_OntheoffenseJD_DN_JD&utm_content=Button&recurring=true&amount=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 May 2019 12:06:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| styleJigsaw string| styleJgsawUrl string| JSLink object| JSElement function| cs number| sourceId number| clientId number| organizationId boolean| csApiLoaded boolean| csaLoaded object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter function| _classCallCheck function| _inherits object| vp function| _createClass function| VPModal function| _get function| VPAuthorizeDialog function| VPBaseForm function| VPEventProcessor function| VPForgotPasswordForm function| VPLoginDialog function| VPLoginForm function| VPParentLocation function| VPPublishAnalytics function| VPRegistrationForm function| VPScrollToTop function| VPToolbar function| Messages function| DOMUtils function| VPUpdateBackgroundImage function| VPUpdateFrameHeight function| VPUpdateToolbar function| Utils object| vpToolbar object| vpEventProcessor boolean| ieVersion object| Mustache object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds number| csid object| dataLayer string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.crowdskout.com
act.devinnunes.com
fast.wistia.net
paracom.paramountcommunication.com
s.crowdskout.com
s.ytimg.com
s3.amazonaws.com
secure.victorypassport.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
104.154.121.146
151.101.2.110
18.210.130.157
2600:9000:2047:3000:14:71e7:1f40:93a1
2a00:1450:4001:814::200e
2a00:1450:4001:818::2008
2a00:1450:4001:820::200e
35.166.43.161
52.200.31.174
52.216.134.53
52.216.86.189
0011d060f6576c17cf393c03cbf211b9bef4138b8edb247a1c2bdda673cda366
00e4201d5a21a329c6cd273b51ed4bbd879a4eeb7e0ac42dd2a5e1a8a9bc7cbc
24b8df93ce3f800e0b7c6994e3d6f6dc215753c10551144830b96f15d4801d80
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
57a43f54978ac6caeba8f7ae8cd0fae924ab758f658b1cfbc89583072784b154
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
7c3eca218afc1869a365fac68fac54b1dd93d0531cc2abe49860d6e3db8983c6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
90bb02f6ecf35736191e8f4120b6bfdd3c9f74b910396febdb0b34ba6df899f5
a2b4a984af0f414e1e91d189c9160a4c0d16c794662366283d70da29259c8966
a3739a52429c41d5bc529f85bbd634e4930b7fc7686a77236d95c08951a49242
b0b26c55d4430dd22871395c41b4a2369e14da8214aed720a48ade38495f71f1
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
c2416c7a599425caf512ac98111e28bb5935aeb42c2ba1892f9f6157587a5022
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7c94819ca7e3311201f28d7680b6e8b4b6cd1873e769a594077a877cd4d8b6b
eb8b4c37be5d3108f30fc603f2c1d28a5821b441ebc0eee301163998ddb38c44