give.victorypassport.com Open in urlscan Pro
2600:9000:2156:bc00:17:ecf9:140:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ct12.conservativewoman.com/t/11270760/403183356/187221/2/
Effective URL:
https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_...
Submission: On November 25 via manual (November 25th 2019, 9:14:32 pm UTC) from US

Summary HTTP 54 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 17 IPs in 5 countries across 16 domains to perform 54 HTTP transactions. The main IP is 2600:9000:2156:bc00:17:ecf9:140:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is give.victorypassport.com.
TLS certificate: Issued by Amazon on February 5th 2019. Valid for: a year.

This is the only time give.victorypassport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	64.31.153.82 64.31.153.82	3356 (LEVEL3) (LEVEL3 - Level 3 Parent)
3	2600:9000:215... 2600:9000:2156:bc00:17:ecf9:140:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	52.216.9.165 52.216.9.165	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	2600:9000:20e... 2600:9000:20eb:f800:14:71e7:1f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	13.225.78.118 13.225.78.118	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	143.204.101.105 143.204.101.105	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2 11	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
3 3	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	2a00:1450:400... 2a00:1450:4001:814::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
54	17

1 64.31.153.82 (United States) 1 redirects

ASN3356 (LEVEL3 - Level 3 Parent, LLC, US)
PTR: smtpl12.dmsgs.com

ct12.conservativewoman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:bc00:17:ecf9:140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

give.victorypassport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.216.9.165 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:f800:14:71e7:1f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

mystique.victorypassport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.118 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-225-78-118.fra2.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.101.105 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-105.fra50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c08::9a (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:818::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	victorypassport.com give.victorypassport.com mystique.victorypassport.com	303 KB
11	google-analytics.com 2 redirects www.google-analytics.com	71 KB
4	facebook.com www.facebook.com	739 B
4	facebook.net connect.facebook.net	224 KB
4	google.de www.google.de	437 B
4	google.com 3 redirects www.google.com	660 B
4	doubleclick.net 3 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
4	gstatic.com fonts.gstatic.com	46 KB
4	stripe.com js.stripe.com	40 KB
3	amazonaws.com s3.amazonaws.com	88 KB
2	yimg.com s.yimg.com	6 KB
2	googletagmanager.com www.googletagmanager.com	42 KB
2	googleapis.com fonts.googleapis.com	1 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	honeybadger.io js.honeybadger.io	4 KB
1	conservativewoman.com 1 redirects ct12.conservativewoman.com	910 B
54	16

	Domain	Requested by
11	www.google-analytics.com	2 redirects mystique.victorypassport.com www.googletagmanager.com give.victorypassport.com
9	mystique.victorypassport.com	give.victorypassport.com mystique.victorypassport.com
4	www.facebook.com	mystique.victorypassport.com give.victorypassport.com
4	connect.facebook.net	give.victorypassport.com connect.facebook.net
4	www.google.de	mystique.victorypassport.com give.victorypassport.com
4	www.google.com	3 redirects give.victorypassport.com
4	fonts.gstatic.com	mystique.victorypassport.com
4	js.stripe.com	mystique.victorypassport.com js.stripe.com
3	stats.g.doubleclick.net	3 redirects
3	s3.amazonaws.com	give.victorypassport.com mystique.victorypassport.com
3	give.victorypassport.com	give.victorypassport.com
2	s.yimg.com	give.victorypassport.com s.yimg.com
2	www.googletagmanager.com	mystique.victorypassport.com
2	fonts.googleapis.com	mystique.victorypassport.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.honeybadger.io	mystique.victorypassport.com
1	ct12.conservativewoman.com	1 redirects
54	18

This site contains links to these domains. Also see Links.

Domain
www.victorypassport.com

Subject Issuer	Validity	Valid
*.victorypassport.com Amazon	`2019-02-05` - `2020-03-05`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2020-12-02`	a year	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2019-11-08` - `2020-03-03`	4 months	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-11-06` - `2020-02-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-11-01` - `2019-12-16`	a month	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Frame ID: B72565CF8886E39669FCA252B2305744
Requests: 27 HTTP requests in this frame

Frame: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
Frame ID: 64B3D0E5C5D65643E300EE2C1CCEED50
Requests: 26 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 0B151451B9A34E7EC2D03805145A1375
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4d17a00d2029917f836584ee4fcec351.html
Frame ID: D602713C6A2BD31F01D6E8A911A85663
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-cd25803263cd2601cb18e3cd5aa05896.html
Frame ID: 7E7245A97499E73A88E9618900AD1149
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ct12.conservativewoman.com/t/11270760/403183356/187221/2/ HTTP 302
https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_so... Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div[^>]+class="[^"]*pure-u-(?:sm-|md-|lg-|xl-)?\d-\d/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

54
Requests

100 %
HTTPS

72 %
IPv6

16
Domains

18
Subdomains

17
IPs

5
Countries

839 kB
Transfer

2900 kB
Size

10
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.victorypassport.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.victorypassport.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ct12.conservativewoman.com/t/11270760/403183356/187221/2/ HTTP 302
https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1401942740&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fscalise%252Fspoiler-alert-slr%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1456&je=0&_u=IEBAAEAB~&jid=74405597&gjid=547618798&cid=237274898.1574716456&tid=UA-10463545-15&_gid=925802441.1574716456&_r=1&z=1647382191 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_gid=925802441.1574716456&gjid=547618798&_v=j79&z=1647382191 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_v=j79&z=1647382191 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_v=j79&z=1647382191&slf_rd=1&random=4207815193

Request Chain 32

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&gjid=1647675162&_gid=925802441.1574716456&_u=aGDAgEAB~&z=481161514 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&_v=j79&z=481161514 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&_v=j79&z=481161514&slf_rd=1&random=431604843

Request Chain 39

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=250169452&t=pageview&_s=1&dl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Donate%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=SACAAEAB~&jid=990429634&gjid=1509326233&cid=237274898.1574716456&tid=UA-116239652-1&_gid=925802441.1574716456&_r=1&gtm=2wgav9553F39Z&z=1411089813 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_gid=925802441.1574716456&gjid=1509326233&_v=j79&z=1411089813 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_v=j79&z=1411089813 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_v=j79&z=1411089813&slf_rd=1&random=992268151

54 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.victorypassport.com/scalise/spoiler-alert-slr/
Redirect Chain

http://ct12.conservativewoman.com/t/11270760/403183356/187221/2/
https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKIN...

3 KB
1 KB

217ms
155ms

Document
text/html

2600:9000:2156:bc00:17:ecf9:140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:bc00:17:ecf9:140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3ef2119e306140d57a24f293d9a2980d30052dd140ac6788fad5470949be40a

Request headers

:method: GET
:authority: give.victorypassport.com
:scheme: https
:path: /scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
sec-fetch-mode: navigate
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Sun, 24 Nov 2019 15:07:19 GMT
last-modified: Fri, 22 Nov 2019 18:38:45 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ISU7e4kvv1ObrMUJT16Wq2wJsCh7a3KWQolNAkvnFgU5pXnpURC73w==

Redirect headers

Date: Mon, 25 Nov 2019 21:14:13 GMT
Connection: Close
Content-Type: text/html
Content-Length: 407
Set-Cookie: messageid=11270760 ; expires=Friday, 18-Nov-2022 02:48:52 GMT ; path=/ memberid=403183356 ; expires=Friday, 18-Nov-2022 02:48:52 GMT ; path=/ urlid=187221 ; expires=Friday, 18-Nov-2022 02:48:52 GMT ; path=/ groupid=2 ; expires=Friday, 18-Nov-2022 02:48:52 GMT ; path=/
Location: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
URI: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement

GET
H2 200 site-6c167e01.css
give.victorypassport.com/scalise/spoiler-alert-slr/stylesheets/ 29 KB
6 KB 148ms
147ms Stylesheet
text/css 2600:9000:2156:bc00:17:ecf9:140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/stylesheets/site-6c167e01.css
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:bc00:17:ecf9:140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86aec3313e0fff75c162c1e00067c56506072ecd5694fb7ba0de3dae1a392d5d

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 15:10:34 GMT
content-encoding: gzip
last-modified: Fri, 22 Nov 2019 18:38:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css; charset=utf-8
status: 200
x-amz-cf-id: KtFQajliDdNm-omPSJyPpPoXuFmxmcJUOieKlukAZTDA40AGkQFbSg==
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)

GET
H2 200 all-4abf6d7e.js Show response
give.victorypassport.com/scalise/spoiler-alert-slr/javascripts/ 0
302 B 149ms
149ms Script
application/javascript 2600:9000:2156:bc00:17:ecf9:140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/javascripts/all-4abf6d7e.js
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:bc00:17:ecf9:140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 24 Nov 2019 15:10:34 GMT
via: 1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
last-modified: Fri, 22 Nov 2019 18:38:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
content-length: 0
x-amz-cf-id: gBA4rUZGT3URJal4fws6_BgeYRAIoiS34L8bDfM20H1Zu2YmzFgbnQ==

GET
H/1.1 200
OK fdd5f8c2-c341-11e7-a2fd-128ffe50dda6.png
s3.amazonaws.com/mystique.victorypassport.com/media/ 20 KB
20 KB 507ms
133ms Image
image/png 52.216.9.165
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mystique.victorypassport.com/media/fdd5f8c2-c341-11e7-a2fd-128ffe50dda6.png
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.9.165 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d1b17fb2258f25a3f28c71629c16fcdc6f57869db82059826493f72d83444750

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-meta-original-filename: Scalise Logo.png
Date: Mon, 25 Nov 2019 21:14:15 GMT
Last-Modified: Mon, 06 Nov 2017 22:29:46 GMT
Server: AmazonS3
x-amz-request-id: 1690F771B93ED957
ETag: "c727908c45fd749b79f8c34fe6635a19"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20284
x-amz-id-2: PczrlI77eTP7w3dVCXkWQHL12LiWNy8w2gv2nYt1niiPa8df6KAhgEKzqfKpw06os987YOIU93c=

GET
H2 200 jigsaw_initial Show response
mystique.victorypassport.com/scripts/ 813 B
1 KB 423ms
373ms Script
text/javascript 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/scripts/jigsaw_initial

Requested by

Host: give.victorypassport.com
URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C1
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 389
x-xss-protection: 1; mode=block
x-request-id: be506c34-864f-4419-bbbd-e4bdafe1eb9e
x-runtime: 0.004593
server: nginx/1.15.8 + Phusion Passenger 6.0.2
etag: W/"9a95a26d3ddf3552a8232e66f655e93c"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: dZrP-pj28Eu3CliXBkiggKE7fg0dSpyB7A4esjFphZkfne4a2ZapZg==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 jigsaw.css
mystique.victorypassport.com/styles/ 789 B
933 B 368ms
367ms Stylesheet
text/css 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/styles/jigsaw.css?location_url=https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C1
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 411
x-xss-protection: 1; mode=block
x-request-id: a63629ce-8cb4-42f8-8f9c-0983759aa7df
x-runtime: 0.008851
server: nginx/1.15.8 + Phusion Passenger 6.0.2
etag: W/"1d4241902701f5e95c12b5436961a139"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: VCJlSQa6Samu525kE7G4Vbxn2O1Txxs4V3llL6QMWXESBenu7rPQTg==

GET
H2 200 jigsaw Show response
mystique.victorypassport.com/scripts/ 2 KB
2 KB 373ms
372ms Script
text/javascript 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM=

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.12.1 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

62fb96820245d2ce2c5339185c8a6f2c74f1b906d6f7abe3f2e07720f79272b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C1
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 1012
x-xss-protection: 1; mode=block
x-request-id: 89153cdc-012b-4f33-8989-14c7f923cefb
x-runtime: 0.009419
server: nginx/1.12.1 + Phusion Passenger 6.0.2
etag: W/"9e42ec6632507777443c10e1825dc4ad"
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: UnMHRe-ilJUV90bR0hhKUwTUo-fl7tesqWLpHo6ayAPhp0nEeF2iXw==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 spoiler-alert-slr Show response
mystique.victorypassport.com/pages/scalise/ Frame 64B3 22 KB
8 KB 386ms
385ms Document
text/html 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.15.8 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

257e34dc5d030cf63a0fcb50377489a036e125081c2a0f366feb8a92bd888720

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mystique.victorypassport.com
:scheme: https
:path: /pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-site
sec-fetch-mode: nested-navigate
referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement

Response headers

status: 200 200 OK
content-type: text/html; charset=utf-8
content-length: 7486
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
date: Mon, 25 Nov 2019 21:14:14 GMT
etag: W/"60939bdb47563ba7cef4f863fa5f56fc"
server: nginx/1.15.8 + Phusion Passenger 6.0.2
set-cookie: _mystique_session=NzUydk1xNTB5WWZYV01DU2ZVeE11d0p6V0p0d243V1RzU3pua0RLWUgzOHlqZkdQQTBMODk3SUVtWTcrT21LYmVGWlozVnpFSHltRzNFMnplZUd1MWpGSGxrY3hSdzVmOHdxZVhOS1NBSzdCN2FnK0RneEU4eGl6a1hIalpqVnp3b3poQ3V6akhuS21oNUdENVR1ZytRPT0tLUhGMXR5UWxHYzJvclJNNW5KSHpmL2c9PQ%3D%3D--9f4a1c250b9c5fad0c8231f5d8a71e2f195d38ac; path=/; expires=Wed, 25 Nov 2020 03:14:14 -0000; secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-request-id: 55628114-7e9b-407d-9764-438a45d16b63
x-runtime: 0.024829
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: nv_1NfnIHaRUAg1bh2Y6q35qb3tNRzjPsCpfM3ZFlR-K6ey3f8ZMZA==

GET
H2 200 application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
mystique.victorypassport.com/assets/jackal/ 20 KB
5 KB 383ms
382ms Stylesheet
text/css 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:14 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.15.8
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: text/css
status: 200
cache-control: max-age=315360000, public
content-length: 4419
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-id: 57uQ-AAk9jfcbkmjnmzw3NOYLakPqdUU7wcCsPO5vfziC0B5lL_TZQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js Show response
mystique.victorypassport.com/assets/jackal/ 42 KB
10 KB 382ms
381ms Script
application/x-javascript 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:14 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.15.8
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=315360000, public
content-length: 9742
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-id: KdIA4dFtyIub1kUAhQNmDgCdMjJxCbM0hahCuiv1QnndfvErLwWVqA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
mystique.victorypassport.com/assets/ 444 B
804 B 22ms
22ms Image
image/jpeg 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mystique.victorypassport.com/assets/circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c

Request headers

Referer: https://mystique.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 22 Nov 2019 18:34:27 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
last-modified: Wed, 28 Aug 2019 21:48:56 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 444
x-amz-cf-id: lyvtB0UT8fVuur6TDUzzukTkWVVGU6Xt_AAHH9o6mzO0tGg2AmGYdw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-d177d9c3a84c650b7f3d14bac7854b3469182f5afb605dd8c2249d44556246df.css
mystique.victorypassport.com/assets/donation_form/ Frame 64B3 575 KB
102 KB 496ms
495ms Stylesheet
text/css 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/donation_form/application-d177d9c3a84c650b7f3d14bac7854b3469182f5afb605dd8c2249d44556246df.css
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 340ab97b4ab045fd48b41921cd0b16e8de0172d7ea629de882ef478b69d640e6

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:15 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.15.8
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: text/css
status: 200
cache-control: max-age=315360000, public
content-length: 104128
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-id: JBQoUtfkRuswDwYlA-WVrqWMSc9OAGBij2wQHKS6i_AZmYJ4C3pXBQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js Show response
mystique.victorypassport.com/assets/donation_form/ Frame 64B3 606 KB
166 KB 202ms
201ms Script
application/x-javascript 2600:9000:20eb:f800:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/donation_form/application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:f800:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:14 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.15.8
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=315360000, public
content-length: 169607
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-id: V-PFcJYYEDZ63C1d2suUgCQvAOwj9D318XNhhPNnLzZM90sLULqgaA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v0.3/ Frame 64B3 12 KB
4 KB 124ms
33ms Script
application/x-javascript 13.225.78.118
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v0.3/honeybadger.min.js
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.78.118 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-225-78-118.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a5d46c872394dad63492e5196d0d7d0b31cfcedafd3237598cea519ded79f7d

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2015 16:44:24 GMT
Server: AmazonS3
Age: 5307
Date: Mon, 25 Nov 2019 19:45:48 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 4048e3a1e70c8529cbd86f04580a3da4.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: RCHMMvrXGVMuPWvzCv_GeSSDI_UAj86zG-wMKNycdjst69gQKBINDw==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 64B3 153 KB
40 KB 114ms
45ms Script
application/javascript 143.204.101.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.105 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

093a2852061c4c5b6f2d8ce97b8c2ba29230e000ab8602f2dbf14641013b27f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
age: 200
x-cache: Hit from cloudfront
status: 200
last-modified: Wed, 20 Nov 2019 22:40:41 GMT
server: AmazonS3
date: Mon, 25 Nov 2019 21:10:55 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: FRA50-C1
timing-allow-origin: *
x-amz-cf-id: qWVAcka-dcw0e8Ry2rjtyzF84a7ob5Wnw7buykaALYFLhgh5KsKR_w==

GET
H/1.1 200
OK large_c5e83bdf-501e-4486-aa2c-a32448bdbce1.jpg
s3.amazonaws.com/mystique.victorypassport.com/donation_page/7823/page_image/ Frame 64B3 56 KB
57 KB 132ms
131ms Image
image/jpeg 52.216.9.165
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mystique.victorypassport.com/donation_page/7823/page_image/large_c5e83bdf-501e-4486-aa2c-a32448bdbce1.jpg
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.9.165 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 69e22b067fb0e792eb2f528873c2f57cf8f98df692bd458c5e571a184512e2d5

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 25 Nov 2019 21:14:15 GMT
Last-Modified: Fri, 22 Nov 2019 18:38:19 GMT
Server: AmazonS3
x-amz-request-id: B4E62F6D843CD893
ETag: "4168f2386540d8e1f8840db8e65102bb"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 57680
x-amz-id-2: 3EA0BW0lt75Ievm9c/N2xqeuQ+tau84UnnLNnFgAwR62TZrUHm1qeB6u/xOIVopfrNEo22j3qC8=
Expires: Fri, 29 Nov 2019 14:04:09 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 64B3 3 KB
578 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 25 Nov 2019 21:14:15 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 25 Nov 2019 21:14:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 25 Nov 2019 21:14:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 64B3 14 KB
922 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

58aa0e80aab1877f50dcce5806fdc75a18f82161ad1493a6bfb79c9d283bc19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 25 Nov 2019 21:14:15 GMT
server: ESF
access-control-allow-origin: *
date: Mon, 25 Nov 2019 21:14:15 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Mon, 25 Nov 2019 21:14:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 64B3 58 KB
21 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHGMG8H

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6bfbb67b344c8613ff8eadd62a55b24e1ac94c5c42058e16d0044db113e145d4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:15 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 21181
x-xss-protection: 0
expires: Mon, 25 Nov 2019 21:14:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 64B3 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2438
date: Mon, 25 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 22:33:37 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 64B3 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,600,700
Origin: https://mystique.victorypassport.com

Response headers

date: Thu, 21 Nov 2019 17:13:27 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 360048
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 20 Nov 2020 17:13:27 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ Frame 64B3 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Origin: https://mystique.victorypassport.com

Response headers

date: Thu, 21 Nov 2019 20:32:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 348080
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14176
x-xss-protection: 0
expires: Fri, 20 Nov 2020 20:32:55 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 64B3 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,600,700
Origin: https://mystique.victorypassport.com

Response headers

date: Thu, 21 Nov 2019 07:12:32 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 396103
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Fri, 20 Nov 2020 07:12:32 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 64B3 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Origin: https://mystique.victorypassport.com

Response headers

date: Thu, 21 Nov 2019 15:18:11 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 366964
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 20 Nov 2020 15:18:11 GMT

GET
DATA 200
OK truncated
/ Frame 64B3 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd0be439382896efa9951981bb35906a21cd6519d3d6451985c6bebec417b3c6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://mystique.victorypassport.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 outer.html
js.stripe.com/v2/m/ Frame 0B15 0
0 34ms
34ms Document
text/html 143.204.101.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/m/outer.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.105 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/m/outer.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 718
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
date: Mon, 25 Nov 2019 21:11:54 GMT
etag: "51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: pxYCEARKJez-ck4Q3JJpxaQjaawDxx5sxBTVPBS94UEWCJVkqGqX8A==
age: 151

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 63 KB
22 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:821::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-553F39Z

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bcd6ced38837b4f4df93cf5d2bc25bf6eec910eb98db9b48b1133c6cbaa1d628

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:15 GMT
content-encoding: br
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 22127
x-xss-protection: 0
expires: Mon, 25 Nov 2019 21:14:15 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2438
date: Mon, 25 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 22:33:37 GMT

GET
H/1.1 200
OK VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ 11 KB
11 KB 519ms
141ms Font
application/octet-stream 52.216.9.165
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.victorypassport.com/fonts/VictoryPassport.ttf
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/assets/donation_form/application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.9.165 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mystique.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Origin: https://give.victorypassport.com

Response headers

Date: Mon, 25 Nov 2019 21:14:17 GMT
Last-Modified: Wed, 01 Jul 2015 02:35:45 GMT
Server: AmazonS3
x-amz-request-id: 894D3E256CB36776
ETag: "7d80bd6dc0d2e81dc2274a2b29799949"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 10804
x-amz-id-2: d7p7pR32fq244jqoKCs2c9T/jkemxsPWQ2+irv/yElBDdkdItfvDj8t4yy0nUiaOdc4A6iNBQj8=

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 64B3
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1401942740&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_gid=925802441.1574716456&gjid=547618798&_v=j79&z=1647382191
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_v=j79&z=1647382191
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_v=j79&z=1647382191&slf_rd=1&random=4207815193

42 B
109 B

29ms
28ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_v=j79&z=1647382191&slf_rd=1&random=4207815193

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=237274898.1574716456&jid=74405597&_v=j79&z=1647382191&slf_rd=1&random=4207815193
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 64B3 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHGMG8H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2438
date: Mon, 25 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 22:33:37 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 64B3 121 KB
26 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: QCVpLBCuu8ax9wnlovwQqzdfMxWnO3iUxAceMBPnQjh+OMmBkd562CKau6jge1KqhIyROQr1n6JWhEcOtEcV/A==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 21:14:15 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 64B3 35 B
109 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1401942740&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fscalise%252Fspoiler-alert-slr%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1456&je=0&_u=aGDAgEAB~&jid=1340355030&gjid=1647675162&cid=237274898.1574716456&tid=UA-10463545-9&_gid=925802441.1574716456&gtm=2wgav9MHGMG8H&z=1477179679

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322268
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 64B3
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&gjid=1647675162&_gid=925802441.1574716456&_u=aGDAgEAB~&z=481161514
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&_v=j79&z=481161514
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&_v=j79&z=481161514&slf_rd=1&random=431604843

42 B
109 B

29ms
29ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&_v=j79&z=481161514&slf_rd=1&random=431604843

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=237274898.1574716456&jid=1340355030&_v=j79&z=481161514&slf_rd=1&random=431604843
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 64B3 35 B
111 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1401942740&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fscalise%252Fspoiler-alert-slr%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1456&je=0&_u=aGDAAEAB~&jid=1801155789&gjid=955084446&cid=237274898.1574716456&tid=UA-10463545-10&_gid=925802441.1574716456&_r=1&gtm=2wgav9MHGMG8H&z=1599796131

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 7ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=250169452&t=pageview&_s=1&dl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Donate%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=237274898.1574716456&tid=UA-116239652-1&_gid=925802441.1574716456&z=1253100163

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322268
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-553F39Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 2438
date: Mon, 25 Nov 2019 20:33:37 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 25 Nov 2019 22:33:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 25 KB
9 KB 31ms
31ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-553F39Z

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9614
x-xss-protection: 0
server: cafe
etag: 5296095546589048175
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 25 Nov 2019 21:14:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
26 KB 5ms
5ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 26765
x-xss-protection: 0
pragma: public
x-fb-debug: QCVpLBCuu8ax9wnlovwQqzdfMxWnO3iUxAceMBPnQjh+OMmBkd562CKau6jge1KqhIyROQr1n6JWhEcOtEcV/A==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 21:14:15 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 19 KB
6 KB 49ms
16ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 20:20:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3237
x-amz-server-side-encryption: AES256
status: 200
content-length: 5150
strict-transport-security: max-age=15552000
x-amz-request-id: E6C12CB9441B3709
x-amz-id-2: 8nkT5JIGsZ0rHNNwOYlikNopUd3HbIOvP/9O/6MYqg9meR/6+CvT/X9YnxD4nggcVEPpNMhMDos=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Thu, 12 Nov 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Tue, 08 Oct 2019 10:16:59 GMT
server: ATS
etag: "254a43f994019deb4ca1830f04bd5d32-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
x-amz-version-id: x4Y4HVRbF4l0Lw4GKvYmVr0DuE8bwWr0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=250169452&t=pageview&_s=1&dl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_gid=925802441.1574716456&gjid=1509326233&_v=j79&z=1411089813
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_v=j79&z=1411089813
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_v=j79&z=1411089813&slf_rd=1&random=992268151

42 B
109 B

30ms
29ms

Image
image/gif

2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_v=j79&z=1411089813&slf_rd=1&random=992268151

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-116239652-1&cid=237274898.1574716456&jid=990429634&_v=j79&z=1411089813&slf_rd=1&random=992268151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1278724555535987 Show response
connect.facebook.net/signals/config/ Frame 64B3 349 KB
85 KB 139ms
138ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1278724555535987?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

eae14bdbd15feb40f8bcfdfa997d684f13061e86bcdd191c352ef43c50baf87c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 9M+qedzI85RLEKw2mutWtf+f26oDNUtn2STd9vcwttWiWbA6mH+5cYiGhqLH9T5olKRj419uASxWOzKCrp2CBQ==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 21:14:15 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1943878355872195 Show response
connect.facebook.net/signals/config/ 349 KB
86 KB 169ms
169ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1943878355872195?v=2.9.13&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

80a8513e35c1f955d96561f6fca27a81a33bbec192296da6ff1ce75fd1c9bd77

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 2nFPqTwOWO9mIBDqYx6Ifmsbkq5djsU45qqXgvfG0lidml456rKhX5VCxr2QLGmXMJspX2e1hBORaVTxf55kGA==
x-fb-trip-id: 420120009
date: Mon, 25 Nov 2019 21:14:15 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/818121997/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:814::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/818121997/?random=1574716455710&cv=9&fst=1574716455710&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&tiba=Donate%20Today&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f4561c0a11fe4cd13e6cc8b4f058d8d9b54fc7f0e2a2569a163ed47ae97b4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1057
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/818121997/ 42 B
120 B 26ms
26ms Image
image/gif 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/818121997/?random=1574716455710&cv=9&fst=1574715600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=2679239476&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/818121997/ 42 B
110 B 33ms
32ms Image
image/gif 2a00:1450:4001:806::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/818121997/?random=1574716455710&cv=9&fst=1574715600000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgav9&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=2679239476&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Nov 2019 21:14:15 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10061329.json Show response
s.yimg.com/wi/config/ 2 B
479 B 186ms
154ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10061329.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
Origin: https://give.victorypassport.com

Response headers

date: Mon, 25 Nov 2019 21:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 384994ED22BACC66
x-amz-id-2: xhiLUDGizk5cQUn8fzoP1enDnQ9mAMaxjSOD3MH9LJv6dVDNVFtq0cHHl9eo0ApMfoPjn/5BEXo=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 /
www.facebook.com/tr/ Frame 64B3 44 B
246 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1278724555535987&ev=PageView&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fscalise%252Fspoiler-alert-slr%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%253D&rl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&if=true&ts=1574716455841&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574716455840.956393899&it=1574716455682&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:15 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 25 Nov 2019 21:14:15 GMT

GET
H2 200 controller-4d17a00d2029917f836584ee4fcec351.html
js.stripe.com/v3/ Frame D602 0
0 37ms
36ms Document
text/html 143.204.101.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4d17a00d2029917f836584ee4fcec351.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.105 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-4d17a00d2029917f836584ee4fcec351.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D

Response headers

status: 200
content-type: text/html; charset=utf-8
last-modified: Wed, 20 Nov 2019 22:40:39 GMT
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Mon, 25 Nov 2019 21:14:15 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: g6XAHm8fEC11g1INnazKhuuDbAhUbLig9lX51Em591dZ5gY178w_yw==

GET
H2 200 elements-inner-card-cd25803263cd2601cb18e3cd5aa05896.html
js.stripe.com/v3/ Frame 7E72 0
0 34ms
33ms Document
text/html 143.204.101.105
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-cd25803263cd2601cb18e3cd5aa05896.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

143.204.101.105 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-143-204-101-105.fra50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-cd25803263cd2601cb18e3cd5aa05896.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D

Response headers

status: 200
content-type: text/html; charset=utf-8
last-modified: Wed, 20 Nov 2019 22:40:41 GMT
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Sun, 24 Nov 2019 04:32:27 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: dRov3nJSNHDqfHuQ9uD9Vv8esLSyPuC6JVTOeL7Lnef-JaKwWYzO2g==

GET
DATA 200
OK truncated
/ Frame 64B3 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c192079ad17031eb73f38cfa4e3d894db33b39e8496e61a0975535b2a7b5ac2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://mystique.victorypassport.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 collect
www.google-analytics.com/ Frame 64B3 35 B
103 B 6ms
6ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1401942740&t=event&_s=2&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fscalise%252Fspoiler-alert-slr%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1456&je=0&ec=Donation%20Form%20Scalise&ea=single&el=donation-amount-250&_u=aGDAAEAB~&jid=&gjid=&cid=237274898.1574716456&tid=UA-10463545-15&_gid=925802441.1574716456&z=1610903785

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322268
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 6ms
5ms Image
image/gif 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=250169452&t=event&_s=2&dl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&ul=en-us&de=UTF-8&dt=Donate%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Donation%20Form&ea=single&el=donation-amount-250&_u=SACAAEAB~&jid=&gjid=&cid=237274898.1574716456&tid=UA-116239652-1&_gid=925802441.1574716456&z=1636797049

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Nov 2019 03:43:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 322268
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
146 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1943878355872195&ev=PageView&dl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&rl=&if=false&ts=1574716456057&sw=1600&sh=1200&v=2.9.13&r=stable&ec=0&o=30&fbp=fb.1.1574716455840.956393899&it=1574716455688&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 25 Nov 2019 21:14:16 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
100 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1943878355872195&ev=Microdata&dl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&rl=&if=false&ts=1574716456573&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Today%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Steve%20Scalise%20for%20Congress%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Donate%20Now!%22%2C%22og%3Adescription%22%3A%22You%20can%20make%20the%20difference%20by%20donating%20now.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.13&r=stable&ec=1&o=30&fbp=fb.1.1574716455840.956393899&it=1574716455688&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://give.victorypassport.com/scalise/spoiler-alert-slr/?recurring=true&amount=250&utm_medium=email&utm_source=USA-GOP-GA&utm_campaign=20191124_USA-GOP-GA_GOP-Alerts&utm_content=20191124_BREAKING-Impeachment-Announcement
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 25 Nov 2019 21:14:16 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 64B3 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1278724555535987&ev=Microdata&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fscalise%2Fspoiler-alert-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fscalise%252Fspoiler-alert-slr%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%253D&rl=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr%2F%3Frecurring%3Dtrue%26amount%3D250%26utm_medium%3Demail%26utm_source%3DUSA-GOP-GA%26utm_campaign%3D20191124_USA-GOP-GA_GOP-Alerts%26utm_content%3D20191124_BREAKING-Impeachment-Announcement&if=true&ts=1574716457346&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mystique%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[em]=8919d86f59f3d2e26963ef11b994ad5a4992712a3552d42014ca7966dcf02ef5&v=2.9.13&r=stable&ec=1&o=30&fbp=fb.1.1574716457345.1055182770&it=1574716455682&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://mystique.victorypassport.com/pages/scalise/spoiler-alert-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fscalise%2Fspoiler-alert-slr&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vc2NhbGlzZS9zcG9pbGVyLWFsZXJ0LXNsci8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTI1MCZ1dG1fbWVkaXVtPWVtYWlsJnV0bV9zb3VyY2U9VVNBLUdPUC1HQSZ1dG1fY2FtcGFpZ249MjAxOTExMjRfVVNBLUdPUC1HQV9HT1AtQWxlcnRzJnV0bV9jb250ZW50PTIwMTkxMTI0X0JSRUFLSU5HLUltcGVhY2htZW50LUFubm91bmNlbWVudCM%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 25 Nov 2019 21:14:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 25 Nov 2019 21:14:17 GMT

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mystique.victorypassport.com/	1970-01-19 14:10:52	Name: __stripe_mid Value: 40fcfdfb-fb10-4015-a8a1-05fdb84af858
mystique.victorypassport.com/	1970-01-19 14:11:14	Name: _mystique_session Value: NzUydk1xNTB5WWZYV01DU2ZVeE11d0p6V0p0d243V1RzU3pua0RLWUgzOHlqZkdQQTBMODk3SUVtWTcrT21LYmVGWlozVnpFSHltRzNFMnplZUd1MWpGSGxrY3hSdzVmOHdxZVhOS1NBSzdCN2FnK0RneEU4eGl6a1hIalpqVnp3b3poQ3V6akhuS21oNUdENVR1ZytRPT0tLUhGMXR5UWxHYzJvclJNNW5KSHpmL2c9PQ%3D%3D--9f4a1c250b9c5fad0c8231f5d8a71e2f195d38ac
.victorypassport.com/	1970-01-19 07:34:52	Name: _fbp Value: fb.1.1574716455840.956393899
.mystique.victorypassport.com/	1970-01-19 05:25:18	Name: __stripe_sid Value: d9304765-e967-487b-8b55-1c764ad8e70e
.victorypassport.com/	1970-01-19 05:25:16	Name: _gat_UA-10463545-10 Value: 1
.victorypassport.com/	1970-01-19 05:25:16	Name: _gat_UA-116239652-1 Value: 1
.victorypassport.com/	1970-01-19 05:25:16	Name: _dc_gtm_UA-10463545-9 Value: 1
.victorypassport.com/	1970-01-19 05:25:16	Name: _gat Value: 1
.victorypassport.com/	1970-01-19 05:26:42	Name: _gid Value: GA1.2.925802441.1574716456
.victorypassport.com/	1970-01-19 22:56:28	Name: _ga Value: GA1.2.237274898.1574716456

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 1943878355872195.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
ct12.conservativewoman.com
fonts.googleapis.com
fonts.gstatic.com
give.victorypassport.com
googleads.g.doubleclick.net
js.honeybadger.io
js.stripe.com
mystique.victorypassport.com
s.yimg.com
s3.amazonaws.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
13.225.78.118
143.204.101.105
216.58.208.34
2600:9000:20eb:f800:14:71e7:1f40:93a1
2600:9000:2156:bc00:17:ecf9:140:93a1
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2003
2a00:1450:4001:814::2002
2a00:1450:4001:818::2004
2a00:1450:4001:81a::200a
2a00:1450:4001:821::2008
2a00:1450:400c:c08::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.216.9.165
64.31.153.82
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
093a2852061c4c5b6f2d8ce97b8c2ba29230e000ab8602f2dbf14641013b27f7
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
257e34dc5d030cf63a0fcb50377489a036e125081c2a0f366feb8a92bd888720
340ab97b4ab045fd48b41921cd0b16e8de0172d7ea629de882ef478b69d640e6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58aa0e80aab1877f50dcce5806fdc75a18f82161ad1493a6bfb79c9d283bc19c
5a5d46c872394dad63492e5196d0d7d0b31cfcedafd3237598cea519ded79f7d
5c192079ad17031eb73f38cfa4e3d894db33b39e8496e61a0975535b2a7b5ac2
62fb96820245d2ce2c5339185c8a6f2c74f1b906d6f7abe3f2e07720f79272b3
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
69e22b067fb0e792eb2f528873c2f57cf8f98df692bd458c5e571a184512e2d5
69e3a796f4b120879065a812b95b56fd4d28f88faf8c1976ad9b0fa2f31dc0eb
6bfbb67b344c8613ff8eadd62a55b24e1ac94c5c42058e16d0044db113e145d4
7edb2213c1f4f569617389783ba544f9997d11a1fc5e54406582b25967bfde66
80a8513e35c1f955d96561f6fca27a81a33bbec192296da6ff1ce75fd1c9bd77
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
86aec3313e0fff75c162c1e00067c56506072ecd5694fb7ba0de3dae1a392d5d
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
b3ef2119e306140d57a24f293d9a2980d30052dd140ac6788fad5470949be40a
bcd6ced38837b4f4df93cf5d2bc25bf6eec910eb98db9b48b1133c6cbaa1d628
bd0be439382896efa9951981bb35906a21cd6519d3d6451985c6bebec417b3c6
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
d1b17fb2258f25a3f28c71629c16fcdc6f57869db82059826493f72d83444750
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
eae14bdbd15feb40f8bcfdfa997d684f13061e86bcdd191c352ef43c50baf87c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f20f83cb7683a1a3138cd52201d83436e33a5e67ef0b9c96bbdab860b5f7da16
f4561c0a11fe4cd13e6cc8b4f058d8d9b54fc7f0e2a2569a163ed47ae97b4865

give.victorypassport.com Open in urlscan Pro 2600:9000:2156:bc00:17:ecf9:140:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

100 %HTTPS

72 %IPv6

16 Domains

18 Subdomains

17 IPs

5 Countries

839 kBTransfer

2900 kBSize

10 Cookies

2 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.victorypassport.com Open in urlscan Pro
2600:9000:2156:bc00:17:ecf9:140:93a1 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

100 %
HTTPS

72 %
IPv6

16
Domains

18
Subdomains

17
IPs

5
Countries

839 kB
Transfer

2900 kB
Size

10
Cookies

54 HTTP transactions
2 data transactions