urlscan.io logo urlscan.io
SecurityTrails logo

heritageaction.quorum.us Open in urlscan Pro
52.44.71.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://gotoweb.co/g44r5
Effective URL: https://heritageaction.quorum.us/campaign/32807/
Submission: On April 29 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 15 domains to perform 36 HTTP transactions. The main IP is 52.44.71.168, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is heritageaction.quorum.us.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 1st 2021. Valid for: a year.
This is the only time heritageaction.quorum.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.203.11.230 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-11-230.compute-1.amazonaws.com
gotoweb.co
5    52.44.71.168 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-71-168.compute-1.amazonaws.com
heritageaction.quorum.us
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    151.101.112.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
2    2600:9000:211e:fe00:12:cac3:2380:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.quorum.us
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
2    52.217.168.89 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
quorum-media.s3.amazonaws.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.244.42.8 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
1    151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
2    162.247.242.20 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net
bam.nr-data.net
Domain Requested by
6 maps.googleapis.com heritageaction.quorum.us
maps.googleapis.com
5 heritageaction.quorum.us static.quorum.us
4 connect.facebook.net heritageaction.quorum.us
connect.facebook.net
2 bam.nr-data.net js-agent.newrelic.com
cdn.ravenjs.com
2 maps.gstatic.com heritageaction.quorum.us
2 www.facebook.com heritageaction.quorum.us
2 www.youtube.com heritageaction.quorum.us
www.youtube.com
2 quorum-media.s3.amazonaws.com heritageaction.quorum.us
2 static.quorum.us heritageaction.quorum.us
2 platform.twitter.com heritageaction.quorum.us
platform.twitter.com
1 js-agent.newrelic.com heritageaction.quorum.us
1 syndication.twitter.com platform.twitter.com
1 fonts.gstatic.com quorum-media.s3.amazonaws.com
1 cdn.ravenjs.com heritageaction.quorum.us
1 www.googletagmanager.com heritageaction.quorum.us
1 maxcdn.bootstrapcdn.com heritageaction.quorum.us
1 player.vimeo.com heritageaction.quorum.us
1 gotoweb.co 1 redirects
36 18

This site contains links to these domains. Also see Links.

Domain
www.quorum.us
Subject Issuer Validity Valid
*.quorum.us
Sectigo RSA Domain Validation Secure Server CA		 2021-02-01 -
2022-02-01		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-12 -
2022-04-13		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-02-22 -
2022-03-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-04-13 -
2021-07-06		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-26 -
2022-04-10		 a year crt.sh
*.nr-data.net
DigiCert SHA2 Secure Server CA		 2020-02-05 -
2022-02-08		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://heritageaction.quorum.us/campaign/32807/
Frame ID: 64AA73089C0674B8CF34C7DFB9B9E9DC
Requests: 35 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fheritageaction.quorum.us
Frame ID: 66A321157490CA936926912C6924A84C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://gotoweb.co/g44r5 HTTP 302
    https://heritageaction.quorum.us/campaign/32807/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

36
Requests

100 %
HTTPS

61 %
IPv6

15
Domains

18
Subdomains

18
IPs

2
Countries

1471 kB
Transfer

5349 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://gotoweb.co/g44r5 HTTP 302
    https://heritageaction.quorum.us/campaign/32807/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

36 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
heritageaction.quorum.us/campaign/32807/
Redirect Chain
  • http://gotoweb.co/g44r5
  • https://heritageaction.quorum.us/campaign/32807/
688 KB
106 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.71.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-71-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3994812e124fcfd075ba0cc1fbfa999279dc9b6613f2d4dfd72a7f008b7b1568
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
heritageaction.quorum.us
:scheme
https
:path
/campaign/32807/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:42 GMT
content-type
text/html; charset=utf-8
server
nginx
x-xss-protection
1; mode=block
x-content-type-options
nosniff
expires
-1
vary
Cookie
pragma
no-cache
cache-control
no-store, no-cache
set-cookie
current_version="2.11.3.137/89079689"; expires=time.struct_time(tm_year=2022, tm_mon=4, tm_mday=29, tm_hour=7, tm_min=20, tm_sec=42, tm_wday=4, tm_yday=119, tm_isdst=0); Max-Age=31536000; Path=/; secure qsesid=hxrxitvqv1k9m5gfax6hem1510jvt8od; expires=Tue, 26-Oct-2021 07:20:42 GMT; httponly; Max-Age=15552000; Path=/; SameSite=None; secure
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
gzip

Redirect headers

Date
Thu, 29 Apr 2021 07:20:42 GMT
Content-Type
text/html; charset=utf-8
Content-Length
140
Connection
keep-alive
Server
Server/3.7.0
x-frame-options
sameorigin
x-xss-protection
1; mode=block
Location
https://heritageaction.quorum.us/campaign/32807/
Vary
Accept
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669F) /
Resource Hash
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Date
Thu, 29 Apr 2021 07:20:42 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Apr 2021 17:57:32 GMT
Server
ECS (frb/669F)
Age
386
Etag
"9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28779
player.js
player.vimeo.com/api/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

X-Varnish-Cache
1
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
474
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-3
Content-Length
5898
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4064-HHN
X-Player-Backend
p
Expires
Thu, 29 Apr 2021 07:41:37 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1619680843.752702,VS0,VE0
Date
Thu, 29 Apr 2021 07:20:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Via
1.1 varnish, 1.1 varnish
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
1057
new_grassroots.css
static.quorum.us/versions/desktop/2.11.3.137/89079689/ 		100 KB
37 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.quorum.us/versions/desktop/2.11.3.137/89079689/new_grassroots.css
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:fe00:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50e7a369edb5cc6461684d8e5ddfe0ecd5119b8fff1beb18858fd8a5bfa7c903

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 18:27:19 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
46404
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
37461
last-modified
Wed, 28 Apr 2021 17:51:33 GMT
server
AmazonS3
etag
"ea454c0870fce83a99f1678d3bd51d97"
content-type
text/css
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
A65YCgkFXfqcK3vsPRPl5fXj7uHnckjPKTTJOsLzQxoWSM0fSsTdiA==
expires
Thu, 31 Dec 2099 20:00:00 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Origin
https://heritageaction.quorum.us
Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
437084
cdn-cachedat
2021-04-24 06:35:00
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09be196bf90000d729d80e7000000001
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
681d067d1d27dc0a2300855c97723c43
cf-ray
6476c4f32bd1d729-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
yNyRxpAxmsnU6Zq5F036.css
quorum-media.s3.amazonaws.com/media/css/grassroots/custom/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://quorum-media.s3.amazonaws.com/media/css/grassroots/custom/yNyRxpAxmsnU6Zq5F036.css
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.168.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
c51192f403521696ef494fd1a77c9f242a2728f730d6e583a31535261d277fb5

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-server-side-encryption
AES256
Date
Thu, 29 Apr 2021 07:20:44 GMT
Content-Encoding
gzip
Last-Modified
Sun, 14 Mar 2021 20:08:08 GMT
Server
AmazonS3
x-amz-request-id
46YEYSY4BQ1TQJYN
ETag
"623cbcef87308ceadd4d938731a2e947"
Content-Type
text/css
Cache-Control
max-age=94608000
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
5738
x-amz-id-2
yaJ0gOP4ee9VSmaPU3XpQYhbb34/Ivs17qD8yEnkJ/hVOH8fdUb1miCU+pJJyy4tHPXowP1XaK4=
Expires
Thu, 31 Dec 2099 20:00:00 GMT
gtm.js
www.googletagmanager.com/ 		81 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P3QX48X
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e15a737eee950a7bec243c72d3fdf694fc8649667e900809d45163343f27653e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31085
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 29 Apr 2021 07:20:42 GMT
player_api
www.youtube.com/ 		980 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/player_api
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cache-control
private, max-age=0
permissions-policy
ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
content-type
text/javascript; charset=utf-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 29 Apr 2021 07:20:42 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23959
x-fb-rlafr
0
pragma
public
x-fb-debug
X5BPW5XVznoB0hn6V5OXq3uK8WJwKZ13cU/IYHHV9lBIpTtrZMHNGZ4JPk6TTxI8F/nMjWGLOZ5TUE7NLzgK1Q==
x-fb-trip-id
1527350943
x-frame-options
DENY
date
Thu, 29 Apr 2021 07:20:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/ 		110 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/cb5bd7e6/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/player_api
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Tue, 27 Apr 2021 15:45:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 00:28:48 GMT
server
sffe
age
142519
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40076
x-xss-protection
0
expires
Wed, 27 Apr 2022 15:45:23 GMT
955848961510457
connect.facebook.net/signals/config/ 		254 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/955848961510457?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be3466eb12e52af9c38326594ad22fb2a55053ec6c21dbcd2ff7393938bf29db
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
latsUyQ+EgihIFuYAZwB7BIxPgifAcHhdaovElm5JqP7RFKoW8iOqecmid8nStIDZxs24D04mMTdLNBXTCXSTw==
x-frame-options
DENY
date
Thu, 29 Apr 2021 07:20:42 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
raven.min.js
cdn.ravenjs.com/3.24.1/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.24.1/raven.min.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0

Request headers

Origin
https://heritageaction.quorum.us
Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:42 GMT
content-encoding
gzip
last-modified
Mon, 09 Apr 2018 13:02:12 GMT
server
Fastly
age
9468
etag
"d9eb38ac6487cc0d2451945049b0d87d"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
13151
new_grassroots.js
static.quorum.us/versions/desktop/2.11.3.137/89079689/ 		2 MB
638 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.quorum.us/versions/desktop/2.11.3.137/89079689/new_grassroots.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:fe00:12:cac3:2380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7f2fa1c7095595c0713b1215ce37e21f633c569a1a76cd753f813807bc593b0c

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 18:27:19 GMT
content-encoding
gzip
x-amz-meta-x-amz-acl
public-read
age
46404
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
652611
last-modified
Wed, 28 Apr 2021 17:51:29 GMT
server
AmazonS3
etag
"7e7a041b44f4106268435da4050bb37d"
content-type
application/javascript
via
1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
cache-control
max-age=94608000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-amz-cf-id
o-fWhCdM8yr97y2AWFV5pykXAHKWmMVWb8qBCXbzK0t1E5DoM2mOsg==
expires
Thu, 31 Dec 2099 20:00:00 GMT
/
www.facebook.com/tr/ 		44 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=955848961510457&ev=PageView&dl=https%3A%2F%2Fheritageaction.quorum.us%2Fcampaign%2F32807%2F&rl=&if=false&ts=1619680842938&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1619680842937.1205014251&it=1619680842812&coo=false&rqm=GET
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:42 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 29 Apr 2021 07:20:42 GMT
js
maps.googleapis.com/maps/api/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
d39205527d68e42e7ebbf36239cebca6a9e8c8c74d9a2a8a15367b24aa335963
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 29 Apr 2021 07:20:43 GMT
content-encoding
gzip
vary
Accept-Language
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
server-timing
gfet4t7; dur=16
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44885
x-xss-protection
0
expires
Thu, 29 Apr 2021 07:50:43 GMT
71H3UqzVlMVWtdOjRmr4_Save-Our-Elections-Logo-WHITE.png
quorum-media.s3.amazonaws.com/media/uploaded_files/2021-03-14/fd3c23f10d91649f1f18ee1914e7b84d/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://quorum-media.s3.amazonaws.com/media/uploaded_files/2021-03-14/fd3c23f10d91649f1f18ee1914e7b84d/71H3UqzVlMVWtdOjRmr4_Save-Our-Elections-Logo-WHITE.png
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.168.89 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
ea110ded41b6d5e370f4b0c50c8ce30d6ace18aceeb953f205f62998f94bde4b

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-server-side-encryption
AES256
Date
Thu, 29 Apr 2021 07:20:44 GMT
Last-Modified
Sun, 14 Mar 2021 18:45:56 GMT
Server
AmazonS3
x-amz-request-id
46YFBNBQ25Y92DXF
ETag
"b4a92b9391a402e435a71f4f3db20f69"
Content-Type
image/png
Cache-Control
max-age=94608000
Accept-Ranges
bytes
X-Robots-Tag
noindex
Content-Length
25461
x-amz-id-2
C8PtQxy62NW3x3/eihzhlt8SrewO3/K654T2oJd8OqjQp66SHFaLQuQEVvo7WA2r5vvsEWh+CnU=
Expires
Thu, 31 Dec 2099 20:00:00 GMT
ySZTeT3IuzJj0GK6uGpbBg.ttf
fonts.gstatic.com/s/nunito/v7/ 		49 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunito/v7/ySZTeT3IuzJj0GK6uGpbBg.ttf
Requested by
Host: quorum-media.s3.amazonaws.com
URL: https://quorum-media.s3.amazonaws.com/media/css/grassroots/custom/yNyRxpAxmsnU6Zq5F036.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4818c7914fc7fd9ae882615029656c37e3bf48fdcbc85ac735a0f51cb2b231d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://heritageaction.quorum.us
Referer
https://quorum-media.s3.amazonaws.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 22 Apr 2021 20:27:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
557599
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28285
x-xss-protection
0
last-modified
Mon, 06 Oct 2014 20:40:06 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 20:27:24 GMT
/
heritageaction.quorum.us/api/grassrootscustomevent/ 		276 B
475 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heritageaction.quorum.us/api/grassrootscustomevent/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.137/89079689/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.71.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-71-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b25e1e7145a66edbf71a2d71a39de7b8b9f9aafea4891b7d8bbc663a478144b1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/api/grassrootscustomevent/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
pragma
no-cache
cookie
current_version="2.11.3.137/89079689"; qsesid=hxrxitvqv1k9m5gfax6hem1510jvt8od; _fbp=fb.1.1619680842937.1205014251
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
heritageaction.quorum.us
referer
https://heritageaction.quorum.us/campaign/32807/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://heritageaction.quorum.us/campaign/32807/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 07:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
/
heritageaction.quorum.us/api/grassrootsissue/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://heritageaction.quorum.us/api/grassrootsissue/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.137/89079689/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.71.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-71-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
06edb09e9900c88829ec8a5f44cca81c1cf8ef2ab6cfc7b3259e2cc60c4b0192
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/api/grassrootsissue/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0
pragma
no-cache
cookie
current_version="2.11.3.137/89079689"; qsesid=hxrxitvqv1k9m5gfax6hem1510jvt8od; _fbp=fb.1.1619680842937.1205014251
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
heritageaction.quorum.us
referer
https://heritageaction.quorum.us/campaign/32807/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://heritageaction.quorum.us/campaign/32807/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 07:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
/
heritageaction.quorum.us/api/grassrootsregistrationpage/ 		613 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://heritageaction.quorum.us/api/grassrootsregistrationpage/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0&only_fields=allowed_donation_methods%2Cdisclaimer_text%2Cdonation_amounts%2Cdonation_form_type%2Cdonation_method_prompt_text%2Cdonation_amount_credit_prompt_text%2Cdonation_amount_payroll_prompt_text%2Cform_fields%2Cid%2Cpost_submission_action_type%2Cpost_text%2Cpre_text%2Credirect_url%2Cthank_you_text&grassroots_form_type=2
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.137/89079689/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.71.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-71-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5c619b22c112f6aa5749dea833cbfec6e9cd65b34f8a90223a2ae47717090bd4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/api/grassrootsregistrationpage/?decode_enums=false&count=false&exclude=%7B%7D&archived=false&limit=0&max_limit=0&only_fields=allowed_donation_methods%2Cdisclaimer_text%2Cdonation_amounts%2Cdonation_form_type%2Cdonation_method_prompt_text%2Cdonation_amount_credit_prompt_text%2Cdonation_amount_payroll_prompt_text%2Cform_fields%2Cid%2Cpost_submission_action_type%2Cpost_text%2Cpre_text%2Credirect_url%2Cthank_you_text&grassroots_form_type=2
pragma
no-cache
cookie
current_version="2.11.3.137/89079689"; qsesid=hxrxitvqv1k9m5gfax6hem1510jvt8od; _fbp=fb.1.1619680842937.1205014251
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
heritageaction.quorum.us
referer
https://heritageaction.quorum.us/campaign/32807/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://heritageaction.quorum.us/campaign/32807/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 07:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
/
heritageaction.quorum.us/api/grassrootscampaign/get_grassroots_campaign_detail/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://heritageaction.quorum.us/api/grassrootscampaign/get_grassroots_campaign_detail/?slug=32807&widget_type=1&dehydrate_extra=can_participate&decode_enums=false&count=false&exclude=%7B%7D
Requested by
Host: static.quorum.us
URL: https://static.quorum.us/versions/desktop/2.11.3.137/89079689/new_grassroots.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.44.71.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-44-71-168.compute-1.amazonaws.com
Software
nginx /
Resource Hash
533097210582901be3fd4145e318d2fd8a4f88d2c8cdd2523b87138dc7f34ea5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/api/grassrootscampaign/get_grassroots_campaign_detail/?slug=32807&widget_type=1&dehydrate_extra=can_participate&decode_enums=false&count=false&exclude=%7B%7D
pragma
no-cache
cookie
current_version="2.11.3.137/89079689"; qsesid=hxrxitvqv1k9m5gfax6hem1510jvt8od; _fbp=fb.1.1619680842937.1205014251
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode
cors
accept
application/json, text/plain, */*
cache-control
no-cache
sec-fetch-dest
empty
:authority
heritageaction.quorum.us
referer
https://heritageaction.quorum.us/campaign/32807/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/plain, */*
Referer
https://heritageaction.quorum.us/campaign/32807/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 07:20:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept, Cookie
content-type
application/json
cache-control
no-store, no-cache
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-xss-protection
1; mode=block
expires
-1
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
37979214ad31c90e2d063fec3828eaacf3626894623d7e725772c94be9f618f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
MzNsnq5Z2z4OhKuTqS4CIQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1779
x-fb-rlafr
0
x-fb-debug
HGUah69eA4R+s59A2jUPIS24udXUfdiObNJ/2ku/tadX2otoQgIkflJUsb9hHrh6cnLJ9/q5b7zK7nf80F+roA==
x-fb-content-md5
25ddf39ee5e7c2281f72f98ace025133
x-frame-options
DENY
date
Thu, 29 Apr 2021 07:20:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"b6834cf121131bf42adc20a145d17f53"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Apr 2021 07:25:44 GMT
widget_iframe.06c6ee58c3810956b7509218508c7b56.html
platform.twitter.com/widgets/ Frame 66A3 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fheritageaction.quorum.us
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D6) /
Resource Hash
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://heritageaction.quorum.us/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Referer
https://heritageaction.quorum.us/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
39408
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Thu, 29 Apr 2021 07:20:43 GMT
Etag
"dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified
Wed, 28 Apr 2021 17:56:54 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D6)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105298
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=955848961510457&ev=Microdata&dl=https%3A%2F%2Fheritageaction.quorum.us%2Fcampaign%2F32807%2F&rl=&if=false&ts=1619680843576&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Heritage%20Action%20for%20America%20%7C%20Action%20Center%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Save%20Our%20Elections%22%2C%22og%3Aurl%22%3A%22%2Fcampaign%2F32807%2F%22%2C%22og%3Adescription%22%3A%22Help%20secure%20our%20election%20laws.%20Together%2C%20we%20can%20make%20sure%20every%20citizen%27s%20vote%20is%20counted%2C%20legally%20and%20fairly.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fquorum-media.s3.amazonaws.com%2Fmedia%2Fuploaded_files%2F2021-03-14%2Ffd3c23f10d91649f1f18ee1914e7b84d%2FNCazKm325759hvXOOUly_Save-Our-Elections-Logo-COLOR.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fquorum-media.s3.amazonaws.com%2Fmedia%2Fuploaded_files%2F2021-03-14%2Ffd3c23f10d91649f1f18ee1914e7b84d%2FNCazKm325759hvXOOUly_Save-Our-Elections-Logo-COLOR.png%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1619680842937.1205014251&it=1619680842812&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 29 Apr 2021 07:20:43 GMT
sdk.js
connect.facebook.net/en_US/ 		215 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0be66d7c3272edef3d878be769fcc5df
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c48fa7e668a3dd18c6cfa7a70d763f0e38317e20c194fabc9242f0bac626ca2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://heritageaction.quorum.us
Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
vKiF8ylMDoXpnSQDTHx5XQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
64966
x-fb-rlafr
0
x-fb-debug
HJyaCmrwIqcrDnKA4EXfe4kJvrLNe9Tx+dmU5XE9AhSB4Jtu/hnWJl/DLRxvAo+Sb5obqR7awQWfRXKfdsoDCA==
x-fb-content-md5
e11ae318f81867c67a5602d80d11c217
x-frame-options
DENY
date
Thu, 29 Apr 2021 07:20:43 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"3aef958f1e9bc1617b5c193f3ed098ff"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 29 Apr 2022 06:11:16 GMT
settings
syndication.twitter.com/ Frame 66A3 		183 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=16414b39f0651c20647ebd18ae7451f622513f6f
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fheritageaction.quorum.us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_devel /
Resource Hash
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:43 GMT
content-encoding
gzip
last-modified
Thu, 29 Apr 2021 07:20:43 GMT
server
tsa_devel
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
c80933234d869a8139fd900fa8920f8cec1e8bde835345a0fd7247c1efbb0107
content-length
152
truncated
/ 		22 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60

Request headers

Referer
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Content-Type
image/png
common.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/12/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cac2b0eb4792338c47e5692a01b975e32fc979c6280ab87e971c349d3d5e1654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 19:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 21:57:52 GMT
server
sffe
age
43790
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31684
x-xss-protection
0
expires
Thu, 28 Apr 2022 19:10:53 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ 		280 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/12/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc79d142fe5b1b38a92d46689548d3047b703d5b00cebcf90f46a0d4ffcc3236
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 19:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 21:57:52 GMT
server
sffe
age
43790
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87544
x-xss-protection
0
expires
Thu, 28 Apr 2022 19:10:53 GMT
controls.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/12/controls.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bd4ddf9a9d1084d9b10eeb457fe5abcb35c313e6124230369a804da9c268036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 19:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 21:57:52 GMT
server
sffe
age
43789
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27672
x-xss-protection
0
expires
Thu, 28 Apr 2022 19:10:54 GMT
places_impl.js
maps.googleapis.com/maps-api-v3/api/js/44/12/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/44/12/places_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&libraries=places
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eceb5a1c6301feb3dd752bc6b5c10569cedd184f3f75503d13f312aadaf207f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Wed, 28 Apr 2021 19:10:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 27 Apr 2021 21:57:52 GMT
server
sffe
age
43789
vary
Accept-Encoding, Origin
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16919
x-xss-protection
0
expires
Thu, 28 Apr 2022 19:10:54 GMT
powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1616
x-xss-protection
0
expires
Thu, 29 Apr 2021 07:20:43 GMT
autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date
Thu, 29 Apr 2021 07:20:43 GMT
x-content-type-options
nosniff
last-modified
Thu, 17 Oct 2019 23:15:00 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3351
x-xss-protection
0
expires
Thu, 29 Apr 2021 07:20:43 GMT
nr-1208.min.js
js-agent.newrelic.com/ 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-1208.min.js
Requested by
Host: heritageaction.quorum.us
URL: https://heritageaction.quorum.us/campaign/32807/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id
RGJXhnJ2IqU3nLrOoxetOoKLCG4kx4sX
content-encoding
gzip
etag
"1a71e4208296f97b465116492f59124d"
x-amz-request-id
DFZCY10K7ZS1T3PF
x-cache
HIT
content-length
11777
x-amz-id-2
4+5W1y2tsdHLVv1trzLrts8GoOvSB55FAqeyd5oh0h04+xQ6FJMTonh0u/oFN9jVhWni1XRPJ4c=
x-served-by
cache-hhn4068-HHN
last-modified
Wed, 10 Mar 2021 16:24:28 GMT
server
AmazonS3
x-timer
S1619680844.938425,VS0,VE0
date
Thu, 29 Apr 2021 07:20:43 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
13539
d1446abd66
bam.nr-data.net/1/ 		57 B
275 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/d1446abd66?a=16272126&v=1208.49599aa&to=ZVYGZERRX0IFBxJeX1wcIkVYU0VYCwpJVkBCHQNCV0NCQwsLEkQeXFYTRl9VRkJeKgNAd0BSF0NEX15FFzIPUkccVAFE&rst=2040&ck=1&ref=https://heritageaction.quorum.us/campaign/32807/&ap=110&be=821&fe=1936&dc=1635&af=err,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1619680841924,%22n%22:0,%22f%22:271,%22dn%22:272,%22dne%22:311,%22c%22:311,%22s%22:330,%22ce%22:511,%22rq%22:511,%22rp%22:810,%22rpe%22:968,%22dl%22:813,%22di%22:1635,%22ds%22:1635,%22de%22:1637,%22dc%22:1936,%22l%22:1936,%22le%22:1940%7D,%22navigation%22:%7B%7D%7D&fp=1651&fcp=1651&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1208.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fheritageaction.quorum.us%2Fcampaign%2F32807%2F&4sAIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&callback=_xdc_._px2syo&key=AIzaSyBjcvwlpc-T0EqNj24kQrhZEaM7cA2DI6o&token=9413
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/12/common.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
204760af3c386e6d06d9dcf2ef9273665e547b256eecb99c12198fadc7065f39
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma
no-cache
date
Thu, 29 Apr 2021 07:20:48 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=28
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
d1446abd66
bam.nr-data.net/events/1/ 		24 B
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/d1446abd66?a=16272126&v=1208.49599aa&to=ZVYGZERRX0IFBxJeX1wcIkVYU0VYCwpJVkBCHQNCV0NCQwsLEkQeXFYTRl9VRkJeKgNAd0BSF0NEX15FFzIPUkccVAFE&rst=12040&ck=1&ref=https://heritageaction.quorum.us/campaign/32807/
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.24.1/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.20 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
bam-8.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://heritageaction.quorum.us/
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://heritageaction.quorum.us
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer function| detectIEEdge boolean| ieVersion object| NREUM object| newrelic function| __nr_require object| __twttrll object| twttr object| __twttr object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| google_tag_manager function| fbq function| _fbq object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| DJANGIO_ENTRY_POINT object| google object| module$exports$mapsapi$util$event object| module$contents$mapsapi$overlay$OverlayView_OverlayView object| Raven object| optionalFields string| property object| action_center_settings number| supporter_points object| organization object| pages string| index_route object| organization_design object| userdata object| Userdata object| permissions string| language string| sso_url object| registrationPages object| customFields object| campaignList boolean| cookielessSafariWindow boolean| registrationForm function| inIframe object| core object| global object| System function| asap function| Observable function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| axios object| DjangIO function| swal function| sweetAlert function| generateStaticUrl function| BACKENDERROR function| segue object| store function| SearchifyWrapper object| options function| setRavenContext function| fbAsyncInit object| FB object| __e3_ object| _xdc_

3 Cookies

Domain/Path Name / Value
heritageaction.quorum.us/ Name: qsesid
Value: hxrxitvqv1k9m5gfax6hem1510jvt8od
.quorum.us/ Name: _fbp
Value: fb.1.1619680842937.1205014251
heritageaction.quorum.us/ Name: current_version
Value: "2.11.3.137/89079689"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn.ravenjs.com
connect.facebook.net
fonts.gstatic.com
gotoweb.co
heritageaction.quorum.us
js-agent.newrelic.com
maps.googleapis.com
maps.gstatic.com
maxcdn.bootstrapcdn.com
platform.twitter.com
player.vimeo.com
quorum-media.s3.amazonaws.com
static.quorum.us
syndication.twitter.com
www.facebook.com
www.googletagmanager.com
www.youtube.com
104.244.42.8
151.101.112.217
151.101.114.110
162.247.242.20
2600:9000:211e:fe00:12:cac3:2380:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:acf
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2003
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::729
52.203.11.230
52.217.168.89
52.44.71.168
06edb09e9900c88829ec8a5f44cca81c1cf8ef2ab6cfc7b3259e2cc60c4b0192
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c48fa7e668a3dd18c6cfa7a70d763f0e38317e20c194fabc9242f0bac626ca2
204760af3c386e6d06d9dcf2ef9273665e547b256eecb99c12198fadc7065f39
2fff9d42b48b67b86f3f657418733d38176fa5eca4c13cf5f946f9ca410be4bd
37979214ad31c90e2d063fec3828eaacf3626894623d7e725772c94be9f618f9
3994812e124fcfd075ba0cc1fbfa999279dc9b6613f2d4dfd72a7f008b7b1568
4014ca31d3c8e768608a40ed160a405ae39836a5b2c43f256bee3bdf427dd67f
45c21e543acfcaa9e5a503228d1943c876b11d80a0721aa4e159c3affeb6ede0
4818c7914fc7fd9ae882615029656c37e3bf48fdcbc85ac735a0f51cb2b231d3
4adc290ce6633839d17ed792daaaceb7d927fea11868158a635ff31d01ce3b60
50e7a369edb5cc6461684d8e5ddfe0ecd5119b8fff1beb18858fd8a5bfa7c903
533097210582901be3fd4145e318d2fd8a4f88d2c8cdd2523b87138dc7f34ea5
5c619b22c112f6aa5749dea833cbfec6e9cd65b34f8a90223a2ae47717090bd4
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
7f2fa1c7095595c0713b1215ce37e21f633c569a1a76cd753f813807bc593b0c
80c3bd17e3c0486c71816a9a8a8f019dd66259837fa2eff0edad01b64dbc13da
85f43eb5335383163b9f863900fe0e8657a075590113bceb8db55422ca483d18
8bd4ddf9a9d1084d9b10eeb457fe5abcb35c313e6124230369a804da9c268036
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
b25e1e7145a66edbf71a2d71a39de7b8b9f9aafea4891b7d8bbc663a478144b1
be3466eb12e52af9c38326594ad22fb2a55053ec6c21dbcd2ff7393938bf29db
c51192f403521696ef494fd1a77c9f242a2728f730d6e583a31535261d277fb5
cac2b0eb4792338c47e5692a01b975e32fc979c6280ab87e971c349d3d5e1654
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
ced34f591157438ef47695f979ac95f8758408e8d9b88e63aee8b382ec975785
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d39205527d68e42e7ebbf36239cebca6a9e8c8c74d9a2a8a15367b24aa335963
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
dc79d142fe5b1b38a92d46689548d3047b703d5b00cebcf90f46a0d4ffcc3236
e0548fb25f7157dc519f7907cf2c057c4d5525fe78d2b60b99081668253a063b
e15a737eee950a7bec243c72d3fdf694fc8649667e900809d45163343f27653e
ea110ded41b6d5e370f4b0c50c8ce30d6ace18aceeb953f205f62998f94bde4b
eceb5a1c6301feb3dd752bc6b5c10569cedd184f3f75503d13f312aadaf207f8
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c