urlscan.io logo urlscan.io
SecurityTrails logo

survey.valdemings.com Open in urlscan Pro
34.230.150.91  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.ngpvan.com/k/37824349/312766187/975597811?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Effective URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&a...
Submission: On December 08 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 10 domains to perform 24 HTTP transactions. The main IP is 34.230.150.91, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is survey.valdemings.com.
TLS certificate: Issued by Amazon on May 6th 2021. Valid for: a year.
This is the only time survey.valdemings.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.60.33.183 19551 (INCAPSULA)
1 7 34.230.150.91 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 52.216.108.139 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2.18.234.190 16625 (AKAMAI-AS)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
3 64.202.112.63 22075 (AS-OUTBRAIN)
3 2a03:2880:f11... 32934 (FACEBOOK)
24 11
1    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
click.ngpvan.com
7    34.230.150.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-150-91.compute-1.amazonaws.com
survey.valdemings.com
2    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
1    52.216.108.139 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
mason-dixon.s3.amazonaws.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    64.202.112.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
7 survey.valdemings.com 1 redirects survey.valdemings.com
ajax.googleapis.com
3 www.facebook.com survey.valdemings.com
3 tr.outbrain.com amplify.outbrain.com
survey.valdemings.com
2 www.google-analytics.com survey.valdemings.com
www.google-analytics.com
2 connect.facebook.net survey.valdemings.com
connect.facebook.net
2 use.typekit.net survey.valdemings.com
use.typekit.net
2 ajax.googleapis.com survey.valdemings.com
1 amplify.outbrain.com survey.valdemings.com
1 p.typekit.net use.typekit.net
1 maxcdn.bootstrapcdn.com survey.valdemings.com
1 mason-dixon.s3.amazonaws.com survey.valdemings.com
1 click.ngpvan.com 1 redirects
24 12

This site contains no links.

Subject Issuer Validity Valid
survey.valdemings.com
Amazon		 2021-05-06 -
2022-06-04		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
use.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-08-16 -
2022-08-16		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.typekit.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-05 -
2022-12-06		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-17 -
2021-12-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Frame ID: 16FC8FB00EF3C9F1A136E4C4CE3C28DB
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Filibuster Survey | 11:59 p.m. Deadline

Page URL History Show full URLs

  1. https://click.ngpvan.com/k/37824349/312766187/975597811?email=robin.hollander%40walgreens.com&zip=327... HTTP 302
    http://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgr... HTTP 301
    https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgr... Page URL

Page Statistics

24
Requests

100 %
HTTPS

58 %
IPv6

10
Domains

12
Subdomains

11
IPs

2
Countries

299 kB
Transfer

798 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.ngpvan.com/k/37824349/312766187/975597811?email=robin.hollander%40walgreens.com&zip=32789&amounts=5 HTTP 302
    http://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5 HTTP 301
    https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request demings-senate-filibuster-survey-email-Oct2021
survey.valdemings.com/
Redirect Chain
  • https://click.ngpvan.com/k/37824349/312766187/975597811?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
  • http://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
  • https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
26 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-150-91.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
dbdd1f0a3ec2e9962a0c266322ee7effe560dbf158fadbfd38689108b90a2ec0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 08 Dec 2021 17:02:59 GMT
content-type
text/html; charset=utf-8
server
nginx/1.18.0
x-powered-by
Express
etag
W/"67a6-gduMb+6ZNutJ3BmLEv2Nz5y7YHs"
content-encoding
gzip

Redirect headers

Date
Wed, 08 Dec 2021 17:02:59 GMT
Content-Type
text/html; charset=utf-8
Content-Length
340
Connection
keep-alive
Server
nginx/1.18.0
X-Powered-By
Express
Location
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Vary
Accept
classic.css
survey.valdemings.com/static/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://survey.valdemings.com/static/classic.css?v=6aedfc1
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-150-91.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
df3d15d91926f603bccb0bd7c1952b8c86f87bc5d011af9c83b6035bc6b8a2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:02:59 GMT
content-encoding
gzip
etag
W/"36b4-17d95878b79"
last-modified
Tue, 07 Dec 2021 15:33:48 GMT
server
nginx/1.18.0
x-powered-by
Express
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
angular.min.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.7/ 		155 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb479d4b1f6a64ed66d8eede4ed94c03c8c441c519415410b46e18377147cc9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 20:39:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56298
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 01 Dec 2022 20:39:53 GMT
angular-aria.js
ajax.googleapis.com/ajax/libs/angularjs/1.5.7/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular-aria.js
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
288459f529db1a3fcf0c221c44df3b0348330d00b2bd8b10abf408aa5f1c9d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 22:04:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4096
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Dec 2022 22:04:02 GMT
qwh3ybd.css
use.typekit.net/ 		2 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/qwh3ybd.css
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
8b41fbe19f1fb3e7cb469f81f995b45ca58d9cc39878edfe2ececd9bfb20c1d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Wed, 08 Dec 2021 17:02:59 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
691
survey.js
survey.valdemings.com/static/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.valdemings.com/static/survey.js?v=6aedfc1
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-150-91.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
e2cda506cae277ef05e031947d4d0942a4188ffe78f187e86e6a243e19a8c527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:02:59 GMT
content-encoding
gzip
etag
W/"48a9-17aabaf3058"
last-modified
Thu, 15 Jul 2021 19:40:23 GMT
server
nginx/1.18.0
x-powered-by
Express
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
c8bdd4219846dacb066dd007342dd20d.png
mason-dixon.s3.amazonaws.com/pagecontent/13967/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mason-dixon.s3.amazonaws.com/pagecontent/13967/c8bdd4219846dacb066dd007342dd20d.png
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.108.139 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
00cfa54cdc38471b81a628a7e707ad99fd3368620d926e764f66469ff1cbc626

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 17:03:01 GMT
Last-Modified
Mon, 07 Jun 2021 23:24:10 GMT
Server
AmazonS3
x-amz-request-id
0Z7Q1KF990J52ER6
ETag
"9eea7c4e3f48c6f372b139120ab31158"
Content-Type
application/octet-stream
Accept-Ranges
bytes
Content-Length
24722
x-amz-id-2
jBr73qa6JTOMr5VL1a+yrAcYhn7HokA1/WtCjvcx4Uw0+Xj9h8XYfgOU3WQXck4ok1FekIHLNjQ=
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.3/css/font-awesome.min.css
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
19832329
cdn-cachedat
2021-04-23 04:30:47
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
6738bb1dc8416c2e4418956d96941230
cf-ray
6ba790899c44375f-MXP
cdn-requestcountrycode
EG
cdn-requestpullsuccess
True
p.css
p.typekit.net/ 		5 B
162 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=qwh3ybd&ht=tk&f=10294.10302.10304&a=87763785&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qwh3ybd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
obtp.js
amplify.outbrain.com/cp/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 17:03:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Oct 2021 12:12:10 GMT
Server
AkamaiNetStorage
ETag
"973e2603f46b719eecf8139c22b897a0:1633349530.816673"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3150
Expires
Wed, 08 Dec 2021 17:23:00 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
S015EPpRUzDVtboe1B7CTRxxF8cXrhyMTGaCHs/ufwXsnXh0Quo95kSnUxesmykL9MFTtYTDtyAuY3Sy9kYrDw==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 08 Dec 2021 17:03:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5281
date
Wed, 08 Dec 2021 15:34:59 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 08 Dec 2021 17:34:59 GMT
classic.html
survey.valdemings.com/static/survey_templates/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://survey.valdemings.com/static/survey_templates/classic.html?v=6aedfc1
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-150-91.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
29643ba4c2ef1ef98fa2741b0d99c3bdd9da5442ba7f07023aefc8a1ff3ca288

Request headers

Accept
application/json, text/plain, */*
Referer
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
content-encoding
gzip
etag
W/"aac-17aabaf3058"
last-modified
Thu, 15 Jul 2021 19:40:23 GMT
server
nginx/1.18.0
x-powered-by
Express
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
demings-senate-filibuster-survey-email-Oct2021
survey.valdemings.com/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-150-91.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
content-encoding
gzip
server
nginx/1.18.0
x-powered-by
Express
etag
W/"67a6-gduMb+6ZNutJ3BmLEv2Nz5y7YHs"
content-type
text/html; charset=utf-8
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=004fbfe8b06e4629bd3f4705ad63338585
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 17:03:00 GMT
content-encoding
gzip
X-TraceId
1f13a985546c5aee2a971aef74dbd5fe
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=004fbfe8b06e4629bd3f4705ad63338585&obApiVersion=1.1&obtpVersion=1.5.2&name=PAGE_VIEW&dl=https%3A%2F%2Fsurvey.valdemings.com%2Fdemings-senate-filibuster-survey-email-Oct2021%3Femail%3Drobin.hollander%2540walgreens.com%26zip%3D32789%26amounts%3D5&optOut=false&bust=027097532190076046
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 17:03:00 GMT
Cache-Control
no-cache
X-TraceId
21e3aa6013b708b64554103a1baeb121
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=004fbfe8b06e4629bd3f4705ad63338585&obApiVersion=1.1&obtpVersion=1.5.2&name=Lead&dl=https%3A%2F%2Fsurvey.valdemings.com%2Fdemings-senate-filibuster-survey-email-Oct2021%3Femail%3Drobin.hollander%2540walgreens.com%26zip%3D32789%26amounts%3D5&optOut=false&bust=06966891582253087
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 08 Dec 2021 17:03:00 GMT
Cache-Control
no-cache
X-TraceId
26707bd9f926c615b76819b6b1c4f12c
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
collect
www.google-analytics.com/j/ 		2 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1521009768&t=pageview&_s=1&dl=https%3A%2F%2Fsurvey.valdemings.com%2Fdemings-senate-filibuster-survey-email-Oct2021%3Femail%3Drobin.hollander%2540walgreens.com%26zip%3D32789%26amounts%3D5&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1577489072&gjid=1282923921&cid=979372703.1638982980&tid=UA-9499230-36&_gid=1420338787.1638982980&_r=1&_slc=1&z=1146215316
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://survey.valdemings.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Dec 2021 17:03:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://survey.valdemings.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
1196537354119650
connect.facebook.net/signals/config/ 		305 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1196537354119650?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
04c3e32983c6dccc46f7b0acdb8375aade1720e1ff027c606f1d083f3ed1d643
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
ZnuhPZd3b8E16ABN0xo0XIRwza6yClustvdfSA7JPu9HVnABv1ddPeNJEvmFKFdDpQGy8dOT8spkqUZ+hWd5TQ==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 08 Dec 2021 17:03:00 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
radio.html
survey.valdemings.com/static/survey_templates/common/ 		2 KB
864 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://survey.valdemings.com/static/survey_templates/common/radio.html
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/angularjs/1.5.7/angular.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.150.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-150-91.compute-1.amazonaws.com
Software
nginx/1.18.0 / Express
Resource Hash
c4e3e0814986c17ff5922c4f88494b138141b2f33b5e59c1ac7495d8d743634b

Request headers

Accept
application/json, text/plain, */*
Referer
https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
content-encoding
gzip
etag
W/"90e-17aabaf3058"
last-modified
Thu, 15 Jul 2021 19:40:23 GMT
server
nginx/1.18.0
x-powered-by
Express
content-type
text/html; charset=UTF-8
cache-control
public, max-age=0
l
use.typekit.net/af/257c86/000000000000000077359df6/30/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/257c86/000000000000000077359df6/30/l?subset_id=2&fvd=n9&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qwh3ybd.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
cbff8830c01497be5a45feb2ca1b165392065b9f4ecf0857a5e0354f155968ff

Request headers

Referer
https://use.typekit.net/qwh3ybd.css
Origin
https://survey.valdemings.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
server
nginx
etag
"2a795e0e5ebae5581d8bbc7464b46f21cf972843"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
24336
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1196537354119650&ev=PageView&dl=https%3A%2F%2Fsurvey.valdemings.com%2Fdemings-senate-filibuster-survey-email-Oct2021%3Femail%3Drobin.hollander%2540walgreens.com%26zip%3D32789%26amounts%3D5&rl=&if=false&ts=1638982980403&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1638982980402.1909692176&it=1638982980194&coo=false&exp=p1&rqm=GET
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 08 Dec 2021 17:03:00 GMT
/
www.facebook.com/tr/ 		44 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1196537354119650&ev=Lead&dl=https%3A%2F%2Fsurvey.valdemings.com%2Fdemings-senate-filibuster-survey-email-Oct2021%3Femail%3Drobin.hollander%2540walgreens.com%26zip%3D32789%26amounts%3D5&rl=&if=false&ts=1638982980406&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1638982980402.1909692176&it=1638982980194&coo=false&exp=p1&rqm=GET
Requested by
Host: survey.valdemings.com
URL: https://survey.valdemings.com/demings-senate-filibuster-survey-email-Oct2021?email=robin.hollander%40walgreens.com&zip=32789&amounts=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 08 Dec 2021 17:03:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1196537354119650&ev=Microdata&dl=https%3A%2F%2Fsurvey.valdemings.com%2Fdemings-senate-filibuster-survey-email-Oct2021%3Femail%3Drobin.hollander%2540walgreens.com%26zip%3D32789%26amounts%3D5&rl=&if=false&ts=1638982980907&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Filibuster%20Survey%20%7C%2011%3A59%20p.m.%20Deadline%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Filibuster%20Survey%20%7C%2011%3A59%20p.m.%20Deadline%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fmason-dixon.s3.amazonaws.com%2Fpagecontent%2F5971%2F55a4f4eb40e8c6d8fd716594bfb145ac.jpg%22%2C%22og%3Adescription%22%3A%22Thank%20you%20for%20speaking%20out.%20If%20you%20have%20just%2060%20more%20seconds%2C%20I%E2%80%99d%20appreciate%20your%20feedback%20to%20help%20my%20campaign%20build%20our%20winning%20strategy.%20%E2%80%93Val%20Demings%22%2C%22og%3Alocale%22%3A%22en_us%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1638982980402.1909692176&it=1638982980194&coo=false&es=automatic&tm=3&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://survey.valdemings.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 08 Dec 2021 17:03:00 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 08 Dec 2021 17:03:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| angular number| ng339 function| obApi function| fbq function| _fbq function| _toConsumableArray function| _defineProperty function| config function| analytics function| bindMerge function| SurveyController function| expressLaneButton function| expressLaneButtons function| merge function| queryParser function| ratingGroup function| submissionHandler function| BotConversationFactory function| validator function| surveyVideo function| youtubeEmbed function| _typeof object| dependencies object| script string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

9 Cookies

Domain/Path Name / Value
.ngpvan.com/ Name: visid_incap_1392936
Value: dx7m6Ro4RBiptXVkLT3vY0LlsGEAAAAAQUIPAAAAAAC4a8N1HhglfIRciV1khdMp
.ngpvan.com/ Name: nlbi_1392936
Value: EckhaIMa9Hi8nxij/rqKWQAAAACH9Ic7DDE8gCpWHQwAtRVa
.ngpvan.com/ Name: incap_ses_1288_1392936
Value: Mn4DR69zqDJSGaz4gOXfEULlsGEAAAAAKmmXcwSjbme0jcrBA3uYIA==
.valdemings.com/ Name: _ga
Value: GA1.2.979372703.1638982980
.valdemings.com/ Name: _gid
Value: GA1.2.1420338787.1638982980
.valdemings.com/ Name: _gat
Value: 1
.valdemings.com/ Name: _fbp
Value: fb.1.1638982980402.1909692176
.facebook.com/ Name: fr
Value: 0Cws5aePF8XZJyik3..BhsOVE...1.0.BhsOVE.
survey.valdemings.com/ Name: outbrain_cid_fetch
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
amplify.outbrain.com
click.ngpvan.com
connect.facebook.net
mason-dixon.s3.amazonaws.com
maxcdn.bootstrapcdn.com
p.typekit.net
survey.valdemings.com
tr.outbrain.com
use.typekit.net
www.facebook.com
www.google-analytics.com
2.18.234.190
2606:4700::6812:bcf
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.230.150.91
45.60.33.183
52.216.108.139
64.202.112.63
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
00cfa54cdc38471b81a628a7e707ad99fd3368620d926e764f66469ff1cbc626
04c3e32983c6dccc46f7b0acdb8375aade1720e1ff027c606f1d083f3ed1d643
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
288459f529db1a3fcf0c221c44df3b0348330d00b2bd8b10abf408aa5f1c9d08
29643ba4c2ef1ef98fa2741b0d99c3bdd9da5442ba7f07023aefc8a1ff3ca288
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
8b41fbe19f1fb3e7cb469f81f995b45ca58d9cc39878edfe2ececd9bfb20c1d0
998d9415269d92557b561a936955f7590d5052865044a9191a528b5a36f3afc9
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c4e3e0814986c17ff5922c4f88494b138141b2f33b5e59c1ac7495d8d743634b
cbff8830c01497be5a45feb2ca1b165392065b9f4ecf0857a5e0354f155968ff
dbdd1f0a3ec2e9962a0c266322ee7effe560dbf158fadbfd38689108b90a2ec0
df3d15d91926f603bccb0bd7c1952b8c86f87bc5d011af9c83b6035bc6b8a2d8
e2cda506cae277ef05e031947d4d0942a4188ffe78f187e86e6a243e19a8c527
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fb479d4b1f6a64ed66d8eede4ed94c03c8c441c519415410b46e18377147cc9a