gop.com Open in urlscan Pro
151.101.66.132 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.campaigns.rnchq.com/?qs=caf5146f73cc6e684c1e72283de02dd55e058b0dc4cf43f05c9e6b2c31b51232f57815504e10e4dbf132503198ff...
Effective URL:
https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept...
Submission: On September 29 via api (September 29th 2021, 9:34:31 pm UTC) from US — Scanned from DE

Summary HTTP 83 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 27 IPs in 5 countries across 21 domains to perform 83 HTTP transactions. The main IP is 151.101.66.132, located in United States and belongs to FASTLY, US. The main domain is gop.com.
TLS certificate: Issued by R3 on September 19th 2021. Valid for: 3 months.

This is the only time gop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.145.38 13.111.145.38	22606 (EXACT-7) (EXACT-7)
1	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
3	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
13	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
6	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:7463	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	13.226.145.99 13.226.145.99	16509 (AMAZON-02) (AMAZON-02)
2	34.199.45.141 34.199.45.141	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
1 3	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	35.186.220.184 35.186.220.184	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	52.49.191.174 52.49.191.174	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
83	27

1 13.111.145.38 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.campaigns.rnchq.com

click.campaigns.rnchq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

gop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

prod-static.gop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7463 (United States)

ASN13335 (CLOUDFLARENET, US)

client.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-99.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.199.45.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-45-141.compute-1.amazonaws.com

10964169.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
nova.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.146.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

9323526.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.220.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.220.186.35.bc.googleusercontent.com

collector-pxv082ghzg.px-cloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.191.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-191-174.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	gstatic.com fonts.gstatic.com www.gstatic.com	604 KB
13	cloudflare.com cdnjs.cloudflare.com	610 KB
7	googleapis.com fonts.googleapis.com	7 KB
7	google.com www.google.com adservice.google.com	45 KB
7	gop.com gop.com prod-static.gop.com	696 KB
5	facebook.com www.facebook.com	1 KB
5	doubleclick.net 1 redirects 9323526.fls.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	3 KB
4	facebook.net connect.facebook.net	316 KB
3	google-analytics.com www.google-analytics.com	61 KB
3	px-cloud.net client.px-cloud.net collector-pxv082ghzg.px-cloud.net	37 KB
3	googletagmanager.com www.googletagmanager.com	154 KB
3	jsdelivr.net cdn.jsdelivr.net	46 KB
2	adsrvr.org js.adsrvr.org insight.adsrvr.org	3 KB
2	igodigital.com 10964169.collect.igodigital.com nova.collect.igodigital.com	3 KB
1	google.de www.google.de	569 B
1	googleadservices.com www.googleadservices.com	14 KB
1	newrelic.com js-agent.newrelic.com	16 KB
1	hotjar.com static.hotjar.com	368 B
1	jquery.com code.jquery.com	30 KB
1	rnchq.com 1 redirects click.campaigns.rnchq.com	414 B
0	nr-data.net Failed bam-cell.nr-data.net Failed
83	21

	Domain	Requested by
13	cdnjs.cloudflare.com	gop.com cdnjs.cloudflare.com
8	www.gstatic.com	gop.com www.google.com www.gstatic.com
7	fonts.googleapis.com	prod-static.gop.com
6	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	gop.com www.gstatic.com
6	prod-static.gop.com	gop.com
5	www.facebook.com	gop.com
4	connect.facebook.net	gop.com
3	9323526.fls.doubleclick.net	1 redirects www.googletagmanager.com gop.com
3	www.google-analytics.com	gop.com
3	www.googletagmanager.com	gop.com
3	cdn.jsdelivr.net	gop.com
2	collector-pxv082ghzg.px-cloud.net	gop.com
1	www.google.de
1	googleads.g.doubleclick.net	gop.com
1	www.googleadservices.com	gop.com
1	insight.adsrvr.org	gop.com
1	js-agent.newrelic.com	gop.com
1	nova.collect.igodigital.com	gop.com
1	stats.g.doubleclick.net	gop.com
1	adservice.google.com	9323526.fls.doubleclick.net
1	js.adsrvr.org	gop.com
1	10964169.collect.igodigital.com	gop.com
1	static.hotjar.com	gop.com
1	client.px-cloud.net	gop.com
1	code.jquery.com	gop.com
1	gop.com
1	click.campaigns.rnchq.com	1 redirects
0	bam-cell.nr-data.net Failed	gop.com
83	29

This site contains links to these domains. Also see Links.

Domain
vote.gop
shop.gop.com
secure.winred.com
www.youtube.com
twitter.com
www.instagram.com
www.facebook.com
www.google.com
80810-info.com

Subject Issuer	Validity	Valid
gop.com R3	`2021-09-19` - `2021-12-18`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.gop.com R3	`2021-09-06` - `2021-12-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
px-cloud.net Cloudflare Inc ECC CA-3	`2021-07-18` - `2022-07-17`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.collect.igodigital.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-25` - `2022-02-25`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-10` - `2021-10-08`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.px-cloud.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-01` - `2022-09-30`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
*.newrelic.com R3	`2021-09-17` - `2021-12-16`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 5 frames:

Primary Page: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Frame ID: 224A606897A337737B56A6ED1F01A610
Requests: 67 HTTP requests in this frame

Frame: https://9323526.fls.doubleclick.net/activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all
Frame ID: 74A9C6785D888F16A18F9AAE0FD07F99
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&co=aHR0cHM6Ly9nb3AuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xg9c5r62fqvk
Frame ID: FD0A8756607FA7ADAE95BE14972B210A
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=s1h5b7q&ref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&upid=mv9jhdl&upv=1.1.0
Frame ID: CC89636F54D25607EF25249618FA3C69
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&cb=ohkf1res0p05
Frame ID: B84666239C7AF0958A252A9A5BC71E93
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Trump Iowa Rally Contest Double Entry | GOP

Page URL History Show full URLs

https://click.campaigns.rnchq.com/?qs=caf5146f73cc6e684c1e72283de02dd55e058b0dc4cf43f05c9e6b2c31b51232f5781550... HTTP 302
https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

PerimeterX (Security) Expand

Overall confidence: 100%
Detected patterns

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

83
Requests

99 %
HTTPS

59 %
IPv6

21
Domains

29
Subdomains

27
IPs

5
Countries

2647 kB
Transfer

6231 kB
Size

16
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://vote.gop/?utm_medium=web&utm_source=organic&utm_campaign=20210721_w000013_votegop_gop_rnc&utm_content=gop_home
Title: Vote

Search URL Search Domain Scan URL

URL: https://shop.gop.com/?utm_medium=web&utm_source=organic&utm_campaign=20210803_w000016_shopgop_gop_rnc&utm_content=homepage_menu
Title: Shop

Search URL Search Domain Scan URL

URL: https://secure.winred.com/rnc/contribute?utm_medium=web&utm_source=organic&utm_campaign=20210803_w000015_homepage-contribute_gop_rnc&utm_content=homepage_contribute_button
Title: Contribute

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UC3o7kbpTUQ5-0WTMIp8sVwA

Search URL Search Domain Scan URL

URL: https://twitter.com/GOP

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gop/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GOP

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCAnoSxqhtrgOBjNxprxPiPA

Search URL Search Domain Scan URL

URL: https://twitter.com/GOPChairwoman

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GOPChairwoman/

Search URL Search Domain Scan URL

URL: https://twitter.com/tommyhicksgop

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/310+First+St+SE,+Washington,+DC+20003/@38.885419,-77.0077413,17z/data=!3m1!4b1!4m5!3m4!1s0x89b7b82b998933d5:0x46c86fa224df8dd!8m2!3d38.885419!4d-77.0055526
Title: 310 First Street, SE, Washington, DC 20003

Search URL Search Domain Scan URL

URL: https://80810-info.com/
Title: www.80810-info.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.campaigns.rnchq.com/?qs=caf5146f73cc6e684c1e72283de02dd55e058b0dc4cf43f05c9e6b2c31b51232f57815504e10e4dbf132503198ffd0d5f35199a5e0c852b2 HTTP 302
https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://9323526.fls.doubleclick.net/activityi;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all HTTP 302
https://9323526.fls.doubleclick.net/activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all

83 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gop.com/trump-iowa-rally-contest-2x/
Redirect Chain

https://click.campaigns.rnchq.com/?qs=caf5146f73cc6e684c1e72283de02dd55e058b0dc4cf43f05c9e6b2c31b51232f57815504e10e4dbf132503198ffd0d5f35199a5e0c852b2
https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop...

53 KB
20 KB

477ms
232ms

Document
text/html

151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

32718a85fa6cd01604d3535fbadd58a99e80c02cca38d011458640d8cec4ae6a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: gop.com
:scheme: https
:path: /trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=utf-8
cache-control: max-age=4000
content-encoding: gzip
x-timer: S1632951265.599414,VS0,VE1
fastly-restarts: 1
accept-ranges: bytes
date: Wed, 29 Sep 2021 21:34:24 GMT
age: 887
set-cookie: _pxhd=dpx1SrR-QaZUVGwAUG1oYfZeTqN2CHQhDmJxTd9R0Ab-7sHHWrL04xzbJXY-YIto-nE8vEfI5sce9e0F0PaTaA==:GXaIuarp8wlS9jfUILacSZbjwaLV234k8/bR4ZWGPQVetajxatVCzCq68DOpdTRgZSRakTT79jTDhdX-ej010TUX1e6wXbIZ7o8kKoeEs5M=; Expires=Thu, 29 Sep 2022 21:34:24 GMT; path=/;
x-served-by: cache-fty21382-FTY, cache-fra19183-FRA
x-cache: HIT, MISS
x-cache-hits: 1, 0
vary: Origin, Accept-Encoding
content-security-policy: frame-ancestors 'none'
referer-policy: no-referrer-when-downgrade
x-frame-options: DENY
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
expect-ct: max-age=604800
feature-policy: camera 'none'; geolocation 'self'; usb 'none'
strict-transport-security: max-age=31557600
content-length: 19878

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Date: Wed, 29 Sep 2021 21:34:23 GMT
Connection: close
Content-Length: 368

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ 158 KB
24 KB 244ms
75ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css

Requested by

Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1750049
x-jsd-version: 4.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 24100
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
x-served-by: cache-fra19152-FRA
x-jsd-version-type: version
date: Wed, 29 Sep 2021 21:34:24 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 219ms
75ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2946773
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yGoOYjBj8rmfVJIbxJL%2By8JMMrPJiMY%2BydI%2BD%2FGLfFDMR0DIo4%2BkAKOEOdY%2F3LoR4QHR5IrznUD0GWtXt14lpdtr08dE%2BszjFrXWPyNAQuch2OjYnQzgZxsVSkLtF7gFacLEA4NI8YnOi8DX0LMa9Pkx"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855ddaafa4a67-FRA
expires: Mon, 19 Sep 2022 21:34:24 GMT

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/ 1 KB
1 KB 265ms
94ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.9.0/slick.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3181001
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 394
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-559"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7l3wTgRe2CKj2MfTtjPR4mbKHzi0LXutEYR7xx7a8yAzjkAZedKtZn4%2FNACN%2F4%2F%2FcCum1G9qXwGKDfRN8AYceaLagAppo9BwMegnzlPilhc746zrZS1ia3KTlzekQcn2IzygvI6u0L1cH2As%2FDFv4Utm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855ddeb8d0629-FRA
expires: Mon, 19 Sep 2022 21:34:24 GMT

GET
H2 200 slick-theme.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 3 KB
1 KB 223ms
80ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick-theme.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5538143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 695
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-c49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YY65sQ89%2FhSL595a9Tr%2F5fE4d%2Bk6Yv4kfw2%2BMRkJk%2B7QevM2Z9LDDRUG092QlFXTlzz%2BshuLqsKHC2HJzy37ZzHogvTDT6Y7lqHSCWwnKkENswCSnQKiQMhUtGkbhmzIzPytTemfd41UcwLuYLTpYsN6"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855ddaafc4a67-FRA
expires: Mon, 19 Sep 2022 21:34:24 GMT

GET
H2 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/ 57 KB
4 KB 272ms
101ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 525551
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3511
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:58 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d2a-e311"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvyI%2FDsaGxNKe5mzwyIOiIkcFGHiUGcl7UIJd7FuXzIO7FdI1A9CtmzlLoB6olF8ZxzT6Lo3acpbP4DvBln5T3whhnXq9d3yff0CI6LcsgrMOj%2Fjs4m4ty3uBpBenA7sGzrridGfmEuK5girod%2F8rheu"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855ddeb900629-FRA
expires: Mon, 19 Sep 2022 21:34:24 GMT

GET
H2 200 main.css
prod-static.gop.com/static/home/css/ 102 KB
102 KB 353ms
80ms Stylesheet
text/css 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-static.gop.com/static/home/css/main.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0cf5a55b75de06381828febc59531e1297e122c0e57c49d9a07adb22dcb9595f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 21205
x-cache: HIT, HIT
content-length: 104288
x-served-by: cache-dca17721-DCA, cache-fra19183-FRA
last-modified: Tue, 28 Sep 2021 15:30:45 GMT
server: AmazonS3
x-timer: S1632951265.048738,VS0,VE1
etag: "d276c6aa7318298c081db09d4c655bbe"
strict-transport-security: max-age=31557600
content-type: text/css
access-control-allow-origin: https://prod.gop.com
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 mobile-logo.png
prod-static.gop.com/static/home/images/ 4 KB
4 KB 98ms
97ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-static.gop.com/static/home/images/mobile-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ff319eebad2f28e1563fff124470e6b807bd7ae9c150428ef72c4a8aa619826

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 21216
x-cache: HIT, HIT
content-length: 4170
x-served-by: cache-dca17734-DCA, cache-fra19183-FRA
last-modified: Thu, 08 Jul 2021 00:31:01 GMT
server: AmazonS3
x-timer: S1632951266.628844,VS0,VE0
etag: "31daaf73b2500e8653954a7cb373b366"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: https://prod.gop.com
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 rnc-loading-logo.gif
prod-static.gop.com/static/home/images/ 251 KB
252 KB 111ms
109ms Image
image/gif 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-static.gop.com/static/home/images/rnc-loading-logo.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a000f3d42682ceb317e44cca2408ad47dd7370dffe7d9448adf11fa06cae47ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 21204
x-cache: HIT, HIT
content-length: 257234
x-served-by: cache-dca12925-DCA, cache-fra19183-FRA
last-modified: Thu, 22 Jul 2021 01:53:18 GMT
server: AmazonS3
x-timer: S1632951266.628954,VS0,VE1
etag: "b6a6f30b18082bc62de017879cdf73c2"
strict-transport-security: max-age=31557600
content-type: image/gif
access-control-allow-origin: https://prod.gop.com
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 263ms
88ms Script
application/javascript 2001:4de0:ac18::1:a:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1632951265.dop220.fr8.t,1632951265.cds248.fr8.hn,1632951265.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/ 248 KB
56 KB 74ms
72ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 529439
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 57137
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-3dee5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMKh%2BId%2FnbGaS8A%2F2TWFvMvFY5hhWkpK6W3FxqqBNrK%2BqIaFaBLp6TZVmyxO94FcOjIZz48J%2BP0Mr%2FKcXIkzfvaTLMymitpWkhVpobopuTnX9iGKck3%2FpbaG7QhHeiZ3qdgBrMWd6vZX7QrEtOW9Ma7J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e00dab4a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 jquery.maskedinput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/ 4 KB
2 KB 78ms
77ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.maskedinput/1.4.1/jquery.maskedinput.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3630676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1714
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-10e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bt8yJ7ppRjrLmbSVuTPlHGbFEp%2BfDuPAIDfX6aEZiriI7tt2riVLQY5yxBVO8%2F1SNnIpMuInlZeqi44Qqao%2F42e92x8u%2BWkAUU3gr2tLiVZz1UrYSQtJx99HwzUTnvxqOjye8ttTF8XUG2jjkDN23dVs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e20ffb4a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/ 24 KB
7 KB 78ms
78ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.2/jquery.validate.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3182447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6970
timing-allow-origin: *
last-modified: Fri, 29 May 2020 16:54:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5ed13e63-5f7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwbZHz2w4aM89ty5ZCli4D66DYYTmLbLygHh4q9nnfnT%2FD6%2Baf%2BRmcCc%2FAEO%2FYeYRDyvv1eyVDidBT0Wza3af8Q7qr2o4behia04zVLGziigQlh2uUhfW%2ByAV8suI5ujSFzUX44UfJ33uVU3QgxylO3f"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e20ffd4a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 additional-methods.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/ 22 KB
6 KB 94ms
93ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.19.1/additional-methods.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdbfba54e6e25086a846e4aeb1d2d15ad5ecfdec2ecfad8b8155e0d9fd595c6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1449976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5702
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-5884"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbHHYmjin5ZwpV3l7xTnafTH17FYlqURmJ3g8TKt4qP5FzCEpkVnVPp8pW6DeR9Uo86ZTyBpYnqk0BZ4J756zsu0jCBG1lKohC5caNXWkNuBMnNeCqheREC8tFicx4hdF1tdnV0KSKq7GXmBAYxqXlqv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e22a110629-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/ 2 KB
1 KB 80ms
78ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6740
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 747
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-9e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2eh4vHvLTLzortOFyZyDrcBdwPfimwkJdxb47KTNJMB3mq0bAaGJ0qi9M%2FLUnCbo8gQgkp0vqAzeIIxwLEKBt%2FoTB2no3%2BGqr4KRNNoWAn4yO2hG%2BSxD%2BG38XiJaRjwK4%2BnJHRY9mF%2B%2B5%2FpqY152qYS8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e20fff4a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 popper.min.js Show response
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ 21 KB
7 KB 91ms
89ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1750051
x-jsd-version: 1.16.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7503
etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q"
x-served-by: cache-fra19152-FRA
x-jsd-version-type: version
date: Wed, 29 Sep 2021 21:34:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ 62 KB
15 KB 91ms
89ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1750048
x-jsd-version: 4.6.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14954
etag: W/"f7eb-O+7WjtfXU8a/T2HCY4bd15KboDA"
x-served-by: cache-fra19152-FRA
x-jsd-version-type: version
date: Wed, 29 Sep 2021 21:34:25 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 all.min.js Show response
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/ 1 MB
355 KB 88ms
86ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/js/all.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e45a1d7590bda6cb0af56a347e979215b8854ac49d54b7091ef1e64d1aa578a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 525275
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 362531
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-12393b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2MRJ0M5jecUrHrjXqjycWqAOSoqGRBSqWbuF%2BxY6Pef5jGsGlWuXjqoGhfVLA2WNbBf4FP8IE1KDPASsON6C7%2FOQmx29Mfms7gdXojABAi87wEZSgrbrchNH3JgYPr7zCct7m2PvO5SwtHkAS1R8hHGY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e208004a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 slick.min.js Show response
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/ 42 KB
9 KB 82ms
80ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.8.1/slick.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8117
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9283
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-a76f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uO78kvU6W0lUa9p0RUKeDNcNWEiOmDAd2J2p6ByfDw%2Ba39GrJUg8i0s%2B3zCpNkxZEt1zu1GbBv7k4Ih4EWHr%2BDUoK7pLLGTYsjahimXX0e6FWMoIuSNKdVwQYZR1G3a0RlTFM77pmNF9vTrclnolP6k2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e208014a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
987 B 260ms
90ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 output.48acf1883b0a.js Show response
prod-static.gop.com/static/CACHE/js/ 25 KB
25 KB 99ms
96ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-static.gop.com/static/CACHE/js/output.48acf1883b0a.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

48acf1883b0a52e734e46595688610a2ff598d1f18230bf423438c07481286e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 21206
x-cache: HIT, HIT
content-length: 25263
x-served-by: cache-dca17766-DCA, cache-fra19183-FRA
last-modified: Sun, 26 Sep 2021 03:57:48 GMT
server: AmazonS3
x-timer: S1632951266.628759,VS0,VE1
etag: "169075233e142d5574d68236e13c1e53"
strict-transport-security: max-age=31557600
content-type: application/javascript
access-control-allow-origin: https://prod.gop.com
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 output.c3340f4eca40.js Show response
prod-static.gop.com/static/CACHE/js/ 6 KB
6 KB 99ms
97ms Script
application/javascript 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://prod-static.gop.com/static/CACHE/js/output.c3340f4eca40.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c3340f4eca409914dc1d7fa7c8e5aedd38d536a416cc74ae16b4ec3a478e0d07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 21215
x-cache: HIT, HIT
content-length: 6476
x-served-by: cache-dca17778-DCA, cache-fra19183-FRA
last-modified: Thu, 12 Aug 2021 13:24:36 GMT
server: AmazonS3
x-timer: S1632951266.628828,VS0,VE0
etag: "85fed0132ff8394c639e24641f8d5136"
strict-transport-security: max-age=31557600
content-type: application/javascript
access-control-allow-origin: https://prod.gop.com
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 273 KB
78 KB 379ms
133ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ&gtm_auth=S6X20P611DwokBd-fUNdPw&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cf878c8de4cbb370b038c3042c589702aae645b7c0a3a5c4c76daa6900c8466

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79835
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 25 KB
2 KB 238ms
86ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 20:49:28 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
980 B 309ms
158ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

25a97b6f96010411d7098a277fc392cf8fe4c024a5bb5ef44b9da7790f0c0022

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:03:17 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
664 B 241ms
90ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:08:01 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 243ms
92ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

28747012c20bc51fcd4eb20e7796cbdb8a5661943eb30621679e2a65b694c2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 20:58:03 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 18 KB
1011 B 243ms
92ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Cormorant+Garamond:ital,wght@0,300;0,400;0,500;0,600;0,700;1,300;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ae86221598346be923523369b4559aeb8773c6b47ea4bd39b03256135669812c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:34:25 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
994 B 306ms
155ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Vollkorn:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb79eed9e51b80e436dab7aad2de28ef642c6bc7a9084eeb94bae4630e44d7e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:34:25 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 css2
fonts.googleapis.com/ 13 KB
825 B 237ms
87ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

Requested by

Host: prod-static.gop.com
URL: https://prod-static.gop.com/static/home/css/main.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a4755a5611c584a8ca78cf9dcbd657d35bf56f358b94df623a30f5025c935ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://prod-static.gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:30:16 GMT
server: ESF
date: Wed, 29 Sep 2021 21:34:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 29 Sep 2021 21:34:25 GMT

GET
H2 200 main.min.js Show response
client.px-cloud.net/PXv082GhZg/ 102 KB
35 KB 1058ms
730ms Script
application/javascript 2606:4700::6812:7463
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://client.px-cloud.net/PXv082GhZg/main.min.js
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:7463 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b37aca3b9c52078fa98d266f0d4a8c37e3693348c0a2c54f944ae9d6b325c4d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
content-encoding: gzip
etag: W/"19745-r36NWAUrduu2pxK8phEcDCRWpZc"
cf-cache-status: MISS
server: cloudflare
active-cdn: cloudflare
x-px-hash: ZDVmYmEwZjVmOTZkYTI0ZDQxZTY5MWYxY2NmMGIxZmI3ZDA1MjJkOGM2MmY2NmUzZTQ1M2MwOTk5N2EzZmQyMw==
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: active-cdn,x-served-by
cache-control: max-age=600,stale-while-revalidate=60,stale-if-error=3600
cf-ray: 696855e41a856949-FRA
vary: Accept-Encoding
x-served-by: 696855e4278a6949-FRA

GET
H2 200 Trump_Gold_1627926568.jpeg
prod-static.gop.com/media/images/ 286 KB
287 KB 192ms
192ms Image
image/jpeg 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://prod-static.gop.com/media/images/Trump_Gold_1627926568.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

08cc0b34457115fcda17f331cd6dec7f549ba16552b14ac7e6d691be8623920b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
via: 1.1 varnish, 1.1 varnish
age: 32565
x-cache: HIT, HIT
content-length: 293266
x-served-by: cache-dca17765-DCA, cache-fra19183-FRA
last-modified: Mon, 02 Aug 2021 17:49:30 GMT
server: AmazonS3
x-timer: S1632951266.629257,VS0,VE1
etag: "562b6f700d800dee62c2d7f02a7a84a2"
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: https://prod.gop.com
cache-control: max-age=86400
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v17/ 34 KB
35 KB 383ms
226ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIvMX1D_JOuMwr7Iw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:38:20 GMT
x-content-type-options: nosniff
age: 312965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35284
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:52:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:38:20 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 323ms
167ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 06:39:46 GMT
x-content-type-options: nosniff
age: 312879
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 06:39:46 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 136ms
134ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80252
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xiHVpYeS9JRM9VejJhcWJHIYUxwg0JQUYgnWtD271D6x9EqXsBnGpClctbScuHHYT5vg9%2Fa9%2FiwjViX1JTEe8%2BoqLR92W%2Bjo12Wt0Vp0j6KubF%2FPh%2F0f%2BewrgPhWMB9C6veqdsQ7Vob2R5HvT76rcpC"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e2181b4a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
23 KB 231ms
75ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh7USSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 15:49:32 GMT
x-content-type-options: nosniff
age: 279893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23248
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:53 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Sep 2022 15:49:32 GMT

GET
H2 200 0QIhMX1D_JOuMw_LIftL.woff2
fonts.gstatic.com/s/lora/v17/ 38 KB
38 KB 433ms
277ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lora/v17/0QIhMX1D_JOuMw_LIftL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lora:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2cc1281e982d8c6167b37535425edbc59606dacc42544d82434db5df51e3c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 24 Sep 2021 08:02:59 GMT
x-content-type-options: nosniff
age: 480686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38988
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:27:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 24 Sep 2022 08:02:59 GMT

GET
H2 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 77 KB
77 KB 135ms
135ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:25 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1204105
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-13288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZaxTFE72cshPgvl%2Blc2zwPj61qiVR1W4OlvUfAu4CyoTrsu5UGlQ%2Fyr4NIbzF9kHG6v53HVpDDKx3y0f95VTmx8XedlFoD%2F2bC2bAYPI4qU90M%2B6yWpH4%2BxVlfIiuVBiutoRwXfJTpObWCO2kmwiJd5"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 696855e2181d4a67-FRA
expires: Mon, 19 Sep 2022 21:34:25 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ 342 KB
134 KB 416ms
143ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gop.com/
Origin: https://gop.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 19:20:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 268ms
85ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2546
date: Wed, 29 Sep 2021 20:52:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Wed, 29 Sep 2021 22:52:00 GMT

GET
H2 200 hotjar-791848.js Show response
static.hotjar.com/c/ 0
368 B 67ms
43ms Script
application/javascript 13.226.145.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-791848.js?sv=7

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.145.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-145-99.dus51.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
via: 1.1 892b66fb24658030c9f86276c7abeda5.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-edge-origin-shield-skipped: 0
etag: W/d41d8cd98f00b204e9800998ecf8427e
x-cache-hit: 1
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-amz-cf-pop: DUS51-C1
content-length: 0
x-amz-cf-id: -vR4MI9CjTL9wWWh8mjLEen70pc4OFXbyGipUipHEalwimPjE1NcLQ==

GET
H2 200 collect.js Show response
10964169.collect.igodigital.com/ 9 KB
2 KB 821ms
174ms Script
application/javascript 34.199.45.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10964169.collect.igodigital.com/collect.js
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.45.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-199-45-141.compute-1.amazonaws.com
Software: /
Resource Hash: 4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
content-encoding: gzip
last-modified: Wed, 29 Sep 2021 15:29:38 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 370ms
125ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25969
x-xss-protection: 0
pragma: public
x-fb-debug: vWx2UdymI17mju3Owecy/KOqXc2988uDlrU+vRMVwgmKDG9u92s7U6WoBVU6BqMoZnS8p78mNrFE0rtCFg+7XA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Wed, 29 Sep 2021 21:34:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 118ms
9ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Wed, 29 Sep 2021 17:40:10 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 14057
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/x-javascript
Via: 1.1 dc81a30f5f4fc309ae9445723779b894.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: uCpXAcBGNeLXOPnkWgr74dNyL6aQ9sylOkrZFTbW0rWMj-IuVroW4w==

GET
H2

200

activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2... Show response
9323526.fls.doubleclick.net/ Frame 74A9
Redirect Chain

https://9323526.fls.doubleclick.net/activityi;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest...
https://9323526.fls.doubleclick.net/activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2F...

629 B
804 B

100ms
99ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9323526.fls.doubleclick.net/activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQQBPQZ&gtm_auth=S6X20P611DwokBd-fUNdPw&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

9c9865ef743561c9061d6641f4afe999c96080ab2ed04dc4b4be16a0af0931ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9323526.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gop.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Sep 2021 21:34:26 GMT
expires: Wed, 29 Sep 2021 21:34:26 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 464
x-xss-protection: 0
set-cookie: IDE=AHWqTUm1ZMaZ2DDMj85MSCgCZ6xy5K5wxCeBKX8WdQ2C20WSFNCViCaquU_g8Ut7ImE; expires=Mon, 24-Oct-2022 21:34:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 29 Sep 2021 21:34:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://9323526.fls.doubleclick.net/activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
37 KB 93ms
91ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9323526

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25972063cfd9c36cc2aec2c2619ba9d8ddec9f370448b07e0cd7baf441df8bc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37512
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Sep 2021 21:34:26 GMT

GET
H2 200 activityi;register_conversion=1;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_m...
9323526.fls.doubleclick.net/ 0
0 483ms
84ms Image
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://9323526.fls.doubleclick.net/activityi;register_conversion=1;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all?
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 113 KB
41 KB 100ms
99ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-NTPH8CG&t=gtm16&cid=1405229492.1632951267

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8fb4c57fb08e9b4fd64e2beca43d65925fb4f45ab9b2219b17d2a8a40272b0ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42145
x-xss-protection: 0
expires: Wed, 29 Sep 2021 21:34:26 GMT

GET
H2 200 1171422386625841 Show response
connect.facebook.net/signals/config/ 5 KB
3 KB 172ms
171ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1171422386625841?v=2.9.47&r=stable

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d68eb8e1826d9711bd5b411fbce0f61516fb7da1b8dd5d090251e6d3f2bf0cd5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: TcOQS/IzNkUkPGzFw2aWJbundgB1yU53nO4FpVjUmbWHvFqDvWxum7S/F91yy5JwWcWfR/g3oABBEcTI4VvMKg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 29 Sep 2021 21:34:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collector Show response
collector-pxv082ghzg.px-cloud.net/api/v2/ 1008 B
1 KB 400ms
100ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxv082ghzg.px-cloud.net/api/v2/collector
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 428999b5a9e9b8dfce8bfe5d98f1aad16f375f6ccc7eb71f5f23b10bea687491

Request headers

Referer: https://gop.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gop.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 1008

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
174 B 92ms
92ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1568472437&t=pageview&_s=1&dl=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&ul=en-us&de=UTF-8&dt=Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=433314755&gjid=650208229&cid=1405229492.1632951267&tid=UA-2431644-99&_gid=873685152.1632951267&_r=1&gtm=2wg9r0KQQBPQZ&z=1335200540

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 21:34:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 657928937632482 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 242ms
242ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/657928937632482?v=2.9.47&r=stable

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

da1cf5c15e84d937ab77bc339f8f5dfe5bf1981440b85dbcbc40bec5c8e86ea2

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: X7uwhnSjxnwbe7d8yMh8tj3gL0eGFYy0NDE/Fcq+QkE8yMXTrudlbniJEYfGL8saNEuKQYCLUH9tOH23B59qRQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 29 Sep 2021 21:34:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=*;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26u...
adservice.google.com/ddm/fls/z/ Frame 74A9 42 B
515 B 292ms
120ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=*;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all

Requested by

Host: 9323526.fls.doubleclick.net
URL: https://9323526.fls.doubleclick.net/activityi;dc_pre=COuwu8GRpfMCFRYcBgAde7MDDA;src=9323526;type=landi0;cat=landi0;ord=2639220520994;gtm=2wg9r0;auiddc=210808797.1632951266;ps=1;~oref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://9323526.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 21:34:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame FD0A 40 KB
21 KB 103ms
103ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&co=aHR0cHM6Ly9nb3AuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xg9c5r62fqvk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

438cfaaf832be78e8f3ab917e012975ac7089c426405fb33f818c467dfda8ca8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+SPGHcMB3MAMe9mJwixNuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&co=aHR0cHM6Ly9nb3AuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xg9c5r62fqvk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gop.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Sep 2021 21:34:26 GMT
content-security-policy: script-src 'report-sample' 'nonce-+SPGHcMB3MAMe9mJwixNuA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 20920
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
454 B 256ms
85ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-2431644-99&cid=1405229492.1632951267&jid=433314755&gjid=650208229&_gid=873685152.1632951267&_u=aGDACEACRAAAAC~&z=1242752489

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gop.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 29 Sep 2021 21:34:27 GMT
content-type: text/plain
access-control-allow-origin: https://gop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame FD0A 52 KB
26 KB 714ms
123ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&co=aHR0cHM6Ly9nb3AuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xg9c5r62fqvk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 12:51:50 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame FD0A 342 KB
134 KB 870ms
280ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8056
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 19:20:11 GMT

GET
H2 202 track_page_view
nova.collect.igodigital.com/c2/10964169/ 43 B
684 B 177ms
176ms Image
image/gif 34.199.45.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nova.collect.igodigital.com/c2/10964169/track_page_view?payload=%7B%22title%22%3A%22Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP%22%2C%22url%22%3A%22https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all%22%2C%22referrer%22%3A%22%22%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.199.45.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-199-45-141.compute-1.amazonaws.com

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-runtime: 0.003632
date: Wed, 29 Sep 2021 21:34:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private
content-transfer-encoding: binary
content-disposition: inline
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-request-id: 2f6921ed-6fc6-4f36-b36e-fa60a88649f4

GET
H2 200 1660815514223309 Show response
connect.facebook.net/signals/config/ 490 KB
144 KB 319ms
319ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1660815514223309?v=2.9.47&r=stable

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e0b8454257c7b02fc24243f15626241197ae8b2190da8bf15ef5b46f851767b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: eWEL78wIlyjYgMAHGJubgAyXi+krstAXQ3nhQsiiIfbA8SyXX2ywWfetKk2bQa+1X66pUwGCybSKi0EPMzO3bA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 29 Sep 2021 21:34:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 239ms
80ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1171422386625841&ev=PageView&dl=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&rl=&if=false&ts=1632951267722&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=28&it=1632951266536&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 29 Sep 2021 21:34:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 240ms
81ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=657928937632482&ev=PageView&dl=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&rl=&if=false&ts=1632951267727&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1632951267726.1843190261&it=1632951266536&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 29 Sep 2021 21:34:27 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 239ms
80ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1660815514223309&ev=PageView&dl=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&rl=&if=false&ts=1632951267728&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1632951267726.1843190261&it=1632951266536&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 29 Sep 2021 21:34:27 GMT

POST
H2 200 collector Show response
collector-pxv082ghzg.px-cloud.net/api/v2/ 672 B
737 B 151ms
151ms XHR
application/json 35.186.220.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-pxv082ghzg.px-cloud.net/api/v2/collector
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.220.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 184.220.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 8f10ae3a7817d1a45f5699166eeebfd5d38248f5e38bf66042c38679b04e60a6

Request headers

Referer: https://gop.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 29 Sep 2021 21:34:26 GMT
via: 1.1 google
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gop.com
access-control-allow-credentials: true
timing-allow-origin: *
alt-svc: clear
content-length: 672

GET
H2 200 nr-spa-1210.min.js Show response
js-agent.newrelic.com/ 41 KB
16 KB 362ms
79ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding: gzip
etag: "d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id: WX0V4HYCNZMQF8V1
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 15563
x-amz-id-2: V3NWDRAGc9SgNVtEBWiiDcINCoTerPj471IMrsQhETN32n9I20g9CtqBNYipCh1nBoNnp81FM40=
x-served-by: cache-fra19132-FRA
last-modified: Tue, 22 Jun 2021 22:47:08 GMT
server: AmazonS3
x-timer: S1632951268.496307,VS0,VE0
date: Wed, 29 Sep 2021 21:34:28 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5326

GET
H2 200 webworker.js
www.google.com/recaptcha/api2/ Frame FD0A 102 B
235 B 94ms
94ms Other
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&co=aHR0cHM6Ly9nb3AuY29tOjQ0Mw..&hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&size=invisible&cb=xg9c5r62fqvk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 21:34:28 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 98ms
98ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-855990581

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f469085a1041c5f27461cace72feb0ab999bf67b7a0081103d8efb14d9753ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39170
x-xss-protection: 0
last-modified: Wed, 29 Sep 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 29 Sep 2021 21:34:28 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame CC89 0
182 B 390ms
99ms Document
text/html 52.49.191.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=s1h5b7q&ref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&upid=mv9jhdl&upv=1.1.0
Requested by: Host: gop.com
URL: https://gop.com/trump-iowa-rally-contest-2x/?utm_medium=email&utm_source=ET_16&utm_campaign=20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc&utm_content=gop_direct-ask_text_sign_disclaimer_other_all
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.191.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-191-174.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: insight.adsrvr.org
:scheme: https
:path: /track/up?adv=s1h5b7q&ref=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&upid=mv9jhdl&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gop.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 bframe Show response
www.google.com/recaptcha/api2/ Frame B846 7 KB
1 KB 97ms
97ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&cb=ohkf1res0p05

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e506372786285d660ace234b7360f761b1167895335f07672a905b1e4cff9dc7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tEL18fn197Ho1uUB9GCYYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&cb=ohkf1res0p05
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gop.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 29 Sep 2021 21:34:28 GMT
content-security-policy: script-src 'report-sample' 'nonce-tEL18fn197Ho1uUB9GCYYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1109
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 80ms
79ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=657928937632482&ev=Microdata&dl=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&rl=&if=false&ts=1632951268314&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22og%3Awebsite%22%2C%22og%3Atitle%22%3A%22Trump%20Iowa%20Rally%20Contest%20Double%20Entry%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Asite_name%22%3A%22GOP%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fprod-static.gop.com%2Fstatic%2Fhome%2Fimages%2Fgop-social-fb.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22400%22%2C%22og%3Aimage%3Aheight%22%3A%22300%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1632951267726.1843190261&it=1632951266536&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 29 Sep 2021 21:34:28 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 80ms
80ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1660815514223309&ev=Microdata&dl=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&rl=&if=false&ts=1632951268315&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atype%22%3A%22og%3Awebsite%22%2C%22og%3Atitle%22%3A%22Trump%20Iowa%20Rally%20Contest%20Double%20Entry%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Asite_name%22%3A%22GOP%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fprod-static.gop.com%2Fstatic%2Fhome%2Fimages%2Fgop-social-fb.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22400%22%2C%22og%3Aimage%3Aheight%22%3A%22300%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.47&r=stable&ec=1&o=30&fbp=fb.1.1632951267726.1843190261&it=1632951266536&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 29 Sep 2021 21:34:28 GMT

GET
H2 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame B846 52 KB
25 KB 124ms
123ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&cb=ohkf1res0p05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 12:51:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25732
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 12:51:50 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/ Frame B846 342 KB
134 KB 136ms
136ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&cb=ohkf1res0p05

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 19:20:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8057
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136719
x-xss-protection: 0
last-modified: Sun, 12 Sep 2021 18:01:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Thu, 29 Sep 2022 19:20:11 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 368ms
119ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14160
x-xss-protection: 0
server: cafe
etag: 14207842493151788310
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 29 Sep 2021 21:34:28 GMT

GET adc6a720a2
bam-cell.nr-data.net/1/ 0
0

POST
H2 200 reload Show response
www.google.com/recaptcha/api2/ Frame B846 35 KB
21 KB 149ms
149ms XHR
application/json 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f8db29f410880fbab2d4c3521a3ae5baf42b616300ea90081cf2260848e0915a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=de&v=tftmXwdbgCvrXiHxr5HGbIaL&k=6LdJ810bAAAAAMndGBa4Auy_FR7SjbKNuCDSbtDb&cb=ohkf1res0p05
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 29 Sep 2021 21:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20905
x-xss-protection: 1; mode=block
expires: Wed, 29 Sep 2021 21:34:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/855990581/ 3 KB
2 KB 283ms
104ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/855990581/?random=1632951268730&cv=9&fst=1632951268730&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&tiba=Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c918987a577038aca44b90bef387c1a8ccacd58f9849b336f990215b70c18b4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 21:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1200
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame B846 600 B
737 B 142ms
141ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 14:23:42 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 285046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
expires: Sun, 03 Oct 2021 14:23:42 GMT

GET
H2 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame B846 530 B
620 B 142ms
141ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 15:09:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 195912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
expires: Mon, 04 Oct 2021 15:09:16 GMT

GET
H2 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame B846 665 B
754 B 143ms
141ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/tftmXwdbgCvrXiHxr5HGbIaL/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 11:05:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 210520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
expires: Mon, 04 Oct 2021 11:05:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B846 15 KB
15 KB 82ms
81ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 10:50:25 GMT
x-content-type-options: nosniff
age: 211443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Sep 2022 10:50:25 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame B846 15 KB
15 KB 88ms
88ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 09:07:47 GMT
x-content-type-options: nosniff
age: 131201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 09:07:47 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/855990581/ 42 B
314 B 108ms
107ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/855990581/?random=1632951268730&cv=9&fst=1632949200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&tiba=Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP&async=1&fmt=3&is_vtc=1&random=3185084344&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 21:34:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/855990581/ 42 B
569 B 394ms
131ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/855990581/?random=1632951268730&cv=9&fst=1632949200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9r0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgop.com%2Ftrump-iowa-rally-contest-2x%2F%3Futm_medium%3Demail%26utm_source%3DET_16%26utm_campaign%3D20210929_107174_sept21-double-entry-iowa-rally-contest-lpd-nd_trumprallycontestviagop_rnc%26utm_content%3Dgop_direct-ask_text_sign_disclaimer_other_all&tiba=Trump%20Iowa%20Rally%20Contest%20Double%20Entry%20%7C%20GOP&async=1&fmt=3&is_vtc=1&random=3185084344&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 29 Sep 2021 21:34:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam-cell.nr-data.net
URL: https://bam-cell.nr-data.net/1/adc6a720a2?a=1219258455&v=1210.e2a3f80&to=b1dTMUVRV0IDWkIMWVYddxBZU01YDVcZDVlVVx8TXlVOQlheUxFpW11fEVJeTQ%3D%3D&rst=5432&ck=1&ref=https://gop.com/trump-iowa-rally-contest-2x/&ap=38&be=1622&fe=5057&dc=2801&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1632951263081,%22n%22:0,%22f%22:1106,%22dn%22:1107,%22dne%22:1197,%22c%22:1197,%22s%22:1197,%22ce%22:1352,%22rq%22:1352,%22rp%22:1584,%22rpe%22:1598,%22dl%22:1601,%22di%22:2801,%22ds%22:2801,%22de%22:2808,%22dc%22:5057,%22l%22:5057,%22le%22:5059%7D,%22navigation%22:%7B%7D%7D&fp=2512&fcp=2639&jsonp=NREUM.setToken

Verdicts & Comments Add Verdict or Comment

106 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 01:55:03	Name: _GRECAPTCHA Value: 09AH-MKGU32zMWP7j7KObpNSku2Mw5SzUdAeGQKJp10wLSDZRS47qtA6GaFA8xUTGR3foAgidXqBkfnn54sG2Q2Jg
gop.com/	1970-01-20 06:21:27	Name: _pxhd Value: dpx1SrR-QaZUVGwAUG1oYfZeTqN2CHQhDmJxTd9R0Ab-7sHHWrL04xzbJXY-YIto-nE8vEfI5sce9e0F0PaTaA==:GXaIuarp8wlS9jfUILacSZbjwaLV234k8/bR4ZWGPQVetajxatVCzCq68DOpdTRgZSRakTT79jTDhdX-ej010TUX1e6wXbIZ7o8kKoeEs5M=
.gop.com/	1970-01-19 23:45:27	Name: _gcl_au Value: 1.1.210808797.1632951266
.gop.com/	1970-01-20 15:07:03	Name: _ga Value: GA1.2.1405229492.1632951267
.gop.com/	1970-01-19 21:37:17	Name: _gid Value: GA1.2.873685152.1632951267
.gop.com/	1970-01-19 21:35:51	Name: _gat_UA-2431644-99 Value: 1
.doubleclick.net/	1970-01-20 06:57:27	Name: IDE Value: AHWqTUm1ZMaZ2DDMj85MSCgCZ6xy5K5wxCeBKX8WdQ2C20WSFNCViCaquU_g8Ut7ImE
.gop.com/	1970-01-19 21:35:51	Name: _px2 Value: eyJ1IjoiMDU1Mzc0NzAtMjE2ZC0xMWVjLTllNmUtNTc1NWRhMDQ0MjM1IiwidiI6IjA0MTM0NjdmLTIxNmQtMTFlYy1hMmY5LTU3NTM0YjRjNjM0NyIsInQiOjYyMDIzNDUwMDAwMCwiaCI6IjU0ZDUwNTVmN2U3MzhlYWNhNTU0YTZkYWI1MjViNmNjYmEwMThkZmFlNDI5Yjg4OWQzMjA3YWZiYjViNjgwMzAifQ==
.gop.com/	1969-12-31 23:59:59	Name: pxcts Value: 058f1de0-216d-11ec-8a0e-6bc12c496131
.gop.com/	1970-01-20 06:21:27	Name: _pxvid Value: 0413467f-216d-11ec-a2f9-57534b4c6347
.igodigital.com/	1970-01-23 13:14:44	Name: igodigitaltc2 Value: 059afc6e-216d-11ec-9936-d249728ba19b
.igodigital.com/	1970-01-19 21:35:54	Name: igodigitalst_10964169 Value: 059b01d2-216d-11ec-9936-d249728ba19b
.igodigital.com/	1970-01-19 21:35:54	Name: igodigitalstdomain Value: 31640
.gop.com/	1970-01-19 23:45:27	Name: _fbp Value: fb.1.1632951267726.1843190261
.gop.com/	1970-01-19 21:35:51	Name: _px3 Value: 3cbafd83428752224e1716b0c4e5d11f85a51e0bad47ec35912acfccaec72000:L7r1CFtFGVgF6CGPSZh6+KVDocteCXE05i4IHBu9FHHgsq9ddu2OK1JxVlM3VD7frJh2DwRAaDe8/mCcTZkHpQ==:1000:pA3w041jK38TorIFWnsSKRc2Py+VpdDwwdX6iKpKQGOvBag9fkFYmgMnKpa0ka6QMV9BY+ZHTKc5BbtsunxBWoo0U5ytwPBBMognCHqDRxb93Vz+gVxVWQqUwTD8EHtPLRFrmh0+Ebg6hR/oC7FSk3Ej0gKxoIx7Kz9GO8R/YWRlJZAiO8zgVEIINPe+a35ful5E3dKolL5Gt39ArHgiLg==
.facebook.com/	1970-01-19 23:45:27	Name: fr Value: 0tiopp1lBW4murfFM..BhVNvj...1.0.BhVNvj.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10964169.collect.igodigital.com
9323526.fls.doubleclick.net
adservice.google.com
bam-cell.nr-data.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
click.campaigns.rnchq.com
client.px-cloud.net
code.jquery.com
collector-pxv082ghzg.px-cloud.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gop.com
insight.adsrvr.org
js-agent.newrelic.com
js.adsrvr.org
nova.collect.igodigital.com
prod-static.gop.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
bam-cell.nr-data.net
13.111.145.38
13.226.145.99
13.226.146.155
142.250.185.66
142.250.186.102
151.101.130.132
151.101.130.137
151.101.66.132
2001:4de0:ac18::1:a:3a
2606:4700::6810:125e
2606:4700::6812:7463
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:830::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c07::9a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a04:4e42:400::485
34.199.45.141
35.186.220.184
52.49.191.174
00c8eb28301cf1a0c2ff74264a1b5c80e592fb25c15391b73516823156e06ec2
08cc0b34457115fcda17f331cd6dec7f549ba16552b14ac7e6d691be8623920b
0a4755a5611c584a8ca78cf9dcbd657d35bf56f358b94df623a30f5025c935ac
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0cf5a55b75de06381828febc59531e1297e122c0e57c49d9a07adb22dcb9595f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1c9eab627784ec862dd97635d015b259fa3fdc1f58d7fd198ae0a449e6790848
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
25972063cfd9c36cc2aec2c2619ba9d8ddec9f370448b07e0cd7baf441df8bc3
25a97b6f96010411d7098a277fc392cf8fe4c024a5bb5ef44b9da7790f0c0022
28747012c20bc51fcd4eb20e7796cbdb8a5661943eb30621679e2a65b694c2ae
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
32718a85fa6cd01604d3535fbadd58a99e80c02cca38d011458640d8cec4ae6a
392ed442867566d8cbd08f7e0d9a379c49177a9c96186ad0d1eba1a316721267
3b843d8505c200af17cdbf0a534faf3a5e6d41e67068387787984470ea717c97
3c770e90f98eb21b0c042fafb49755af93306fbaf42e449524f94fae9fc83295
3e0b8454257c7b02fc24243f15626241197ae8b2190da8bf15ef5b46f851767b
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ff319eebad2f28e1563fff124470e6b807bd7ae9c150428ef72c4a8aa619826
428999b5a9e9b8dfce8bfe5d98f1aad16f375f6ccc7eb71f5f23b10bea687491
438cfaaf832be78e8f3ab917e012975ac7089c426405fb33f818c467dfda8ca8
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
48acf1883b0a52e734e46595688610a2ff598d1f18230bf423438c07481286e8
4b5e988359c30afd1d84b7a5118296f1fc33f4527d530b096ca27aa7fbfef99a
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b37aca3b9c52078fa98d266f0d4a8c37e3693348c0a2c54f944ae9d6b325c4d
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
5fe20047c1cc1be61a786d56c5c02b96453b9c60656d6c8429a1add79017e47f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb55dbfadd93b87021f5281d31950151aa41e0b067c0c134f60331fa5243e89
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7cf878c8de4cbb370b038c3042c589702aae645b7c0a3a5c4c76daa6900c8466
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8f10ae3a7817d1a45f5699166eeebfd5d38248f5e38bf66042c38679b04e60a6
8fb4c57fb08e9b4fd64e2beca43d65925fb4f45ab9b2219b17d2a8a40272b0ee
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c9865ef743561c9061d6641f4afe999c96080ab2ed04dc4b4be16a0af0931ac
9f762334ff28e79eb7547f6ddb109583d35e0ea3600b71406ca233fb57c12458
a000f3d42682ceb317e44cca2408ad47dd7370dffe7d9448adf11fa06cae47ae
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49
ae86221598346be923523369b4559aeb8773c6b47ea4bd39b03256135669812c
b8c490e04a2be43d25df6263307477469d6ef82a318809f800bedda65c4803b0
bdbfba54e6e25086a846e4aeb1d2d15ad5ecfdec2ecfad8b8155e0d9fd595c6a
c3340f4eca409914dc1d7fa7c8e5aedd38d536a416cc74ae16b4ec3a478e0d07
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c918987a577038aca44b90bef387c1a8ccacd58f9849b336f990215b70c18b4e
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d68eb8e1826d9711bd5b411fbce0f61516fb7da1b8dd5d090251e6d3f2bf0cd5
da1cf5c15e84d937ab77bc339f8f5dfe5bf1981440b85dbcbc40bec5c8e86ea2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2cc1281e982d8c6167b37535425edbc59606dacc42544d82434db5df51e3c6c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45a1d7590bda6cb0af56a347e979215b8854ac49d54b7091ef1e64d1aa578a6
e506372786285d660ace234b7360f761b1167895335f07672a905b1e4cff9dc7
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f469085a1041c5f27461cace72feb0ab999bf67b7a0081103d8efb14d9753ccd
f8110a988bd0e88b0bf2c1dcbe276d0eb34e7593b70bd2ed14fb45d87d1d3872
f8db29f410880fbab2d4c3521a3ae5baf42b616300ea90081cf2260848e0915a
fb79eed9e51b80e436dab7aad2de28ef642c6bc7a9084eeb94bae4630e44d7e9
fb82877818fa23c8c028053cc5744c5d7947faca82bd50a82b918016499bfb62
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

gop.com Open in urlscan Pro 151.101.66.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

83 Requests

99 %HTTPS

59 %IPv6

21 Domains

29 Subdomains

27 IPs

5 Countries

2647 kBTransfer

6231 kBSize

16 Cookies

13 Outgoing links

Page URL History

Redirected requests

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gop.com Open in urlscan Pro
151.101.66.132 Public Scan

Screenshot
Live screenshot

Full Image

83
Requests

99 %
HTTPS

59 %
IPv6

21
Domains

29
Subdomains

27
IPs

5
Countries

2647 kB
Transfer

6231 kB
Size

16
Cookies

83 HTTP transactions
0 data transactions