give.victorypassport.com Open in urlscan Pro
2600:9000:2057:7c00:17:ecf9:140:93a1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ct3.thedailygrind.news/t/621390/22627166/11534/1/
Effective URL:
https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=E...
Submission: On September 13 via manual (September 13th 2019, 9:11:50 pm UTC) from US

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 23 domains to perform 76 HTTP transactions. The main IP is 2600:9000:2057:7c00:17:ecf9:140:93a1, located in United States and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is give.victorypassport.com.
TLS certificate: Issued by Amazon on February 5th 2019. Valid for: a year.

This is the only time give.victorypassport.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:30:... 2606:4700:30::681b:9ba9	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2600:9000:205... 2600:9000:2057:7c00:17:ecf9:140:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
9	2600:9000:205... 2600:9000:2057:4400:14:71e7:1f40:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	143.204.214.7 143.204.214.7	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	151.101.12.176 151.101.12.176	54113 (FASTLY) (FASTLY - Fastly)
2	52.216.128.157 52.216.128.157	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1 13	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
7	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
2 2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE - Google LLC)
2 5	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE - Google LLC)
2	54.91.10.201 54.91.10.201	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1288:f03... 2a00:1288:f03d:1fa::4000	10310 (YAHOO-1) (YAHOO-1 - Oath Holdings Inc.)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY - Fastly)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER - Twitter Inc.)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	34.199.174.0 34.199.174.0	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER - Twitter Inc.)
76	25

1 2606:4700:30::681b:9ba9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ct3.thedailygrind.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:7c00:17:ecf9:140:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

give.victorypassport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2057:4400:14:71e7:1f40:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

mystique.victorypassport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.7 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-214-7.fra53.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.12.176 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.128.157 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:825::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.91.10.201 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-91-10-201.compute-1.amazonaws.com

s.crowdskout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.crowdskout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1 - Oath Holdings Inc., US)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

fast.wistia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.199.174.0 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-174-0.compute-1.amazonaws.com

a.crowdskout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER - Twitter Inc., US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google-analytics.com 1 redirects www.google-analytics.com	54 KB
12	victorypassport.com give.victorypassport.com mystique.victorypassport.com	303 KB
7	facebook.net connect.facebook.net	317 KB
6	facebook.com www.facebook.com	788 B
5	google.de www.google.de	548 B
5	google.com 2 redirects www.google.com	741 B
5	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
4	gstatic.com fonts.gstatic.com	46 KB
4	stripe.com js.stripe.com	39 KB
3	crowdskout.com s.crowdskout.com a.crowdskout.com	9 KB
3	googletagmanager.com www.googletagmanager.com	79 KB
2	yimg.com s.yimg.com	6 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	amazonaws.com s3.amazonaws.com	262 KB
1	twitter.com analytics.twitter.com	266 B
1	ytimg.com s.ytimg.com	10 KB
1	wistia.net fast.wistia.net	108 KB
1	youtube.com www.youtube.com	1 KB
1	t.co t.co	170 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	9 KB
1	honeybadger.io js.honeybadger.io	4 KB
1	thedailygrind.news 1 redirects ct3.thedailygrind.news	1 KB
76	23

	Domain	Requested by
13	www.google-analytics.com	1 redirects mystique.victorypassport.com www.googletagmanager.com give.victorypassport.com
9	mystique.victorypassport.com	give.victorypassport.com mystique.victorypassport.com
7	connect.facebook.net	give.victorypassport.com connect.facebook.net
6	www.facebook.com	mystique.victorypassport.com give.victorypassport.com
5	www.google.de	mystique.victorypassport.com give.victorypassport.com
5	www.google.com	2 redirects give.victorypassport.com
4	fonts.gstatic.com	mystique.victorypassport.com
4	js.stripe.com	mystique.victorypassport.com js.stripe.com
3	googleads.g.doubleclick.net	www.googleadservices.com
3	www.googletagmanager.com	mystique.victorypassport.com www.googletagmanager.com
3	give.victorypassport.com	give.victorypassport.com
2	a.crowdskout.com	s.crowdskout.com
2	s.yimg.com	give.victorypassport.com s.yimg.com
2	stats.g.doubleclick.net	2 redirects
2	fonts.googleapis.com	mystique.victorypassport.com
2	s3.amazonaws.com	mystique.victorypassport.com
1	analytics.twitter.com	static.ads-twitter.com
1	s.ytimg.com	www.youtube.com
1	fast.wistia.net	s.crowdskout.com
1	www.youtube.com	s.crowdskout.com
1	t.co	give.victorypassport.com
1	static.ads-twitter.com	give.victorypassport.com
1	s.crowdskout.com	give.victorypassport.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.honeybadger.io	mystique.victorypassport.com
1	ct3.thedailygrind.news	1 redirects
76	26

This site contains links to these domains. Also see Links.

Domain
www.victorypassport.com

Subject Issuer	Validity	Valid
*.victorypassport.com Amazon	`2019-02-05` - `2020-03-05`	a year	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2019-08-15` - `2019-11-19`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2018-12-03` - `2019-10-25`	a year	crt.sh
*.googleapis.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months	crt.sh
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
*.crowdskout.com Go Daddy Secure Certificate Authority - G2	`2019-02-07` - `2021-02-22`	2 years	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2019-08-13` - `2019-09-27`	a month	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-04-10` - `2020-03-21`	a year	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2019-04-09` - `2020-04-01`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Frame ID: C6E080E70D799F70A0186735E43D0CAF
Requests: 45 HTTP requests in this frame

Frame: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
Frame ID: 77F8F1541286FEDA62B43F84A1D04A57
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v2/m/outer.html
Frame ID: 1E23E32D1538C4C4083EB84EE309F083
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-4ff33198d9988d622b71daf19b443ba0.html
Frame ID: 6DF6536FBB04C5002D9E3768BD8BCCAE
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-b32951885d44fadff6a015943471b5df.html
Frame ID: 59CED1C6467A92FE941DCFCED65EE4E3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://ct3.thedailygrind.news/t/621390/22627166/11534/1/ HTTP 302
https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA... Page URL

Detected technologies

Pure CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<div[^>]+class="[^"]*pure-u-(?:sm-|md-|lg-|xl-)?\d-\d/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i
headers server /^AmazonS3$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon S3 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

headers server /^AmazonS3$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

76
Requests

100 %
HTTPS

62 %
IPv6

23
Domains

26
Subdomains

25
IPs

5
Countries

1258 kB
Transfer

4059 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.victorypassport.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.victorypassport.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ct3.thedailygrind.news/t/621390/22627166/11534/1/ HTTP 302
https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=806767548&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&_u=IEBAAEAB~&jid=1367472477&gjid=412093426&cid=800537277.1568409093&tid=UA-10463545-15&_gid=1102891975.1568409093&_r=1&z=933203298 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_gid=1102891975.1568409093&gjid=412093426&_v=j79&z=933203298 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_v=j79&z=933203298 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_v=j79&z=933203298&slf_rd=1&random=2027447554

Request Chain 31

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&gjid=2078383910&_gid=1102891975.1568409093&_u=YGDAgEAB~&z=1016247662 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&_v=j79&z=1016247662 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&_v=j79&z=1016247662&slf_rd=1&random=3942805757

76 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/
Redirect Chain

http://ct3.thedailygrind.news/t/621390/22627166/11534/1/
https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&ut...

3 KB
1 KB

167ms
129ms

Document
text/html

2600:9000:2057:7c00:17:ecf9:140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7c00:17:ecf9:140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5afd97cc0b9bc308b7c50fe3567df3fd19cf2c5be5ec4ac4febe17f6412aaad1

Request headers

:method: GET
:authority: give.victorypassport.com
:scheme: https
:path: /nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=utf-8
date: Tue, 10 Sep 2019 09:17:48 GMT
last-modified: Mon, 09 Sep 2019 19:47:13 GMT
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 6H4brkeBoicPtgO2psAf-LJZ6xTs2VMCE2FxtE75Lnf4K-suUapKuw==

Redirect headers

Date: Fri, 13 Sep 2019 21:11:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d382adad5b01e618ea2e1a1eb83d104831568409091; expires=Sat, 12-Sep-20 21:11:31 GMT; path=/; domain=.thedailygrind.news; HttpOnly messageid=621390 ; expires=Monday, 12-Sep-2022 21:08:23 GMT ; path=/ memberid=22627166 ; expires=Monday, 12-Sep-2022 21:08:23 GMT ; path=/ urlid=11534 ; expires=Monday, 12-Sep-2022 21:08:23 GMT ; path=/ groupid=1 ; expires=Monday, 12-Sep-2022 21:08:23 GMT ; path=/
Location: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
URI: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Server: cloudflare
CF-RAY: 515d1d347bf0cbb8-VIE

GET
H2 200 site-6c167e01.css
give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/stylesheets/ 29 KB
6 KB 134ms
133ms Stylesheet
text/css 2600:9000:2057:7c00:17:ecf9:140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/stylesheets/site-6c167e01.css
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7c00:17:ecf9:140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86aec3313e0fff75c162c1e00067c56506072ecd5694fb7ba0de3dae1a392d5d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Sep 2019 09:17:49 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 19:47:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css; charset=utf-8
status: 200
x-amz-cf-id: qBxS6xTYfj9YGAC26_6f_km-yK1tjQQmDBXWfFbQ7Ft3XC0XrwNhzA==
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)

GET
H2 200 all-4abf6d7e.js Show response
give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/javascripts/ 0
302 B 211ms
210ms Script
application/javascript 2600:9000:2057:7c00:17:ecf9:140:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/javascripts/all-4abf6d7e.js
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7c00:17:ecf9:140:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 10 Sep 2019 09:17:49 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Mon, 09 Sep 2019 19:47:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
status: 200
content-length: 0
x-amz-cf-id: d9Do6Qgfaaq4y7G5-Tm-Kwgfp0N1YfytRZhzVajbWHSZBwNAdVDsPw==

GET
H2 200 jigsaw_initial Show response
mystique.victorypassport.com/scripts/ 813 B
1 KB 404ms
359ms Script
text/javascript 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/scripts/jigsaw_initial

Requested by

Host: give.victorypassport.com
URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.12.1 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 389
x-xss-protection: 1; mode=block
x-request-id: 3d9c698a-d316-4804-9af3-25de6355e99a
x-runtime: 0.004069
server: nginx/1.12.1 + Phusion Passenger 6.0.2
x-frame-options: SAMEORIGIN
etag: W/"9a95a26d3ddf3552a8232e66f655e93c"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: ZnULJPjuNZ1YsMs3SboYetY68bGKSKLRrJI_hYBaaC1B2IdjRxQTIA==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 jigsaw.css
mystique.victorypassport.com/styles/ 789 B
927 B 370ms
368ms Stylesheet
text/css 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/styles/jigsaw.css?location_url=https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.12.1 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 406
x-xss-protection: 1; mode=block
x-request-id: f48ab5c3-e531-46eb-8753-d0cd1efa86c2
x-runtime: 0.007243
server: nginx/1.12.1 + Phusion Passenger 6.0.2
etag: W/"1d4241902701f5e95c12b5436961a139"
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: H514dOKELYpXp1wlzBd87K8NmSSw3RBu2rQoDaqe61oM2UWWe3Jwzw==

GET
H2 200 jigsaw Show response
mystique.victorypassport.com/scripts/ 2 KB
2 KB 381ms
381ms Script
text/javascript 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw==

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw_initial

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.12.1 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

cc9f2893f07bc1ada8d13f04ba3f9977162fb1747e832da75827bf4aaeaf3619

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA6-C1
x-powered-by: Phusion Passenger 6.0.2
x-cache: Miss from cloudfront
status: 200, 200 OK
content-length: 1053
x-xss-protection: 1; mode=block
x-request-id: ca7065b8-379f-49ad-a8d4-265fc95ab973
x-runtime: 0.011836
server: nginx/1.12.1 + Phusion Passenger 6.0.2
x-frame-options: SAMEORIGIN
etag: W/"ddef3f6a98abb791374c07c610a4df2d"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control: max-age=0, private, must-revalidate
x-amz-cf-id: kxA896dTFV51Ns12rUNzXyLu8s0i0Iz8UYMzOxqlE0ffGlP1mm_xDw==
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR

GET
H2 200 stand-with-trump-5x-match-slr Show response
mystique.victorypassport.com/pages/nrcc/ Frame 77F8 22 KB
8 KB 388ms
388ms Document
text/html 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw==

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

Software

nginx/1.12.1 + Phusion Passenger 6.0.2 / Phusion Passenger 6.0.2

Resource Hash

91d9383cba48973428083a71f31020ba7a2bb1b3b1c53ac950a6540441f8d11d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: mystique.victorypassport.com
:scheme: https
:path: /pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-site
referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline

Response headers

status: 200 200 OK
content-type: text/html; charset=utf-8
content-length: 7789
cache-control: max-age=0, private, must-revalidate
content-encoding: gzip
cp: CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR
date: Fri, 13 Sep 2019 21:11:32 GMT
etag: W/"c1b8d1bf8e9f6a2109d568525116ae73"
server: nginx/1.12.1 + Phusion Passenger 6.0.2
set-cookie: _mystique_session=TDc5S0l3Z3daNU5CKytMRElBODV4bkk5VjRQT3lqd2ZPd1JWSkpPZEo2Ti9Za01ZdExhQUN2KzRrV1g5bW9ZRUN5b1lhSGQvdjJWYlBTcnVRd1o1SXFnalRaT2MycHNyS1ZlQ25sUXJ0WlpBSGtNdVNxYk5uTzhMcnF0SnN6MjZUeFc5L3ZlN0UzR1drRkwzMHZGUmxBPT0tLUxzaFB4djg2NS84NFZkZ2cydEp4UkE9PQ%3D%3D--efce89e7f9fc2d2da3e1f83c8d259f9260171709; path=/; expires=Sun, 13 Sep 2020 03:11:32 -0000; secure; HttpOnly
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 6.0.2
x-request-id: 21e262e5-eab2-46f2-9996-bbccfd89b211
x-runtime: 0.023882
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: FCRbFkr46VKFRGi6TKgWj3y-iqE_gNuHplV5rpJ4nIgmRKb0FK0WGw==

GET
H2 200 application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
mystique.victorypassport.com/assets/jackal/ 20 KB
5 KB 30ms
30ms Stylesheet
text/css 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 18:45:09 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.12.1
age: 8783
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA6-C1
content-length: 4419
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-id: REZ5Jd4QYo4AYbZe_qGO5YQDJLESjiT-JDEFfq2bllWg0hFowcALig==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js Show response
mystique.victorypassport.com/assets/jackal/ 42 KB
10 KB 22ms
22ms Script
application/x-javascript 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/scripts/jigsaw?location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8/cmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw==
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 18:45:09 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.12.1
age: 8783
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA6-C1
content-length: 9742
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-id: ADZbktdfsWCpieq8Zl2NRd3yTsHINNFlWgovU9Xym8DNtwwgeiAKKA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
mystique.victorypassport.com/assets/ 444 B
814 B 10ms
10ms Image
image/jpeg 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mystique.victorypassport.com/assets/circles-cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c.jpg
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 08 Aug 2019 07:26:12 GMT
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
last-modified: Mon, 01 Oct 2018 19:53:09 GMT
server: nginx/1.12.1
age: 3159920
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 444
x-amz-cf-id: OklsTJlQRxeKa-FzLPhCKjWWzn88nzr1bLUBdbneoYYwvhTq6kXVUw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-d177d9c3a84c650b7f3d14bac7854b3469182f5afb605dd8c2249d44556246df.css
mystique.victorypassport.com/assets/donation_form/ Frame 77F8 575 KB
102 KB 27ms
26ms Stylesheet
text/css 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/donation_form/application-d177d9c3a84c650b7f3d14bac7854b3469182f5afb605dd8c2249d44556246df.css
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 340ab97b4ab045fd48b41921cd0b16e8de0172d7ea629de882ef478b69d640e6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 18:45:10 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.12.1
age: 8783
x-cache: Hit from cloudfront
content-type: text/css
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA6-C1
content-length: 104128
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-id: Z_YyH5mhUTMNbZsZF_YoTzosrjyznMxSC3EPnsBdG9Z1aYR4PY-QXw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js Show response
mystique.victorypassport.com/assets/donation_form/ Frame 77F8 606 KB
166 KB 14ms
13ms Script
application/x-javascript 2600:9000:2057:4400:14:71e7:1f40:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://mystique.victorypassport.com/assets/donation_form/application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:4400:14:71e7:1f40:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 18:45:09 GMT
content-encoding: gzip
last-modified: Mon, 09 Sep 2019 14:24:05 GMT
server: nginx/1.12.1
age: 8784
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=315360000, public
x-amz-cf-pop: FRA6-C1
content-length: 169607
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
x-amz-cf-id: RH4vdwfX3NWhBW_vRpEQ2aAD_OBKP8ColzDpIiZ0cUiIi2FVlvu5aA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v0.3/ Frame 77F8 12 KB
4 KB 53ms
7ms Script
application/x-javascript 143.204.214.7
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v0.3/honeybadger.min.js
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.214.7 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-143-204-214-7.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a5d46c872394dad63492e5196d0d7d0b31cfcedafd3237598cea519ded79f7d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Last-Modified: Thu, 13 Aug 2015 16:44:24 GMT
Server: AmazonS3
Age: 57
Date: Fri, 13 Sep 2019 21:10:37 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA53-C1
X-Amz-Cf-Id: tyrmDO6Zg2PRkLxu5AbphwFdPLJnStXco7LbfSIciayqcsF4I3XKqQ==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 77F8 144 KB
39 KB 20ms
6ms Script
application/javascript 151.101.12.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

da6b4cf9381358b6aba415db783e66b6484a38524b8a713a6529c7e66d658af1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 22
x-cache: HIT
status: 200
content-length: 38930
x-amz-id-2: 7hVn+bzu9dOiZgAhqtOJy5KIymrYOp0N70QnFzbKc6iAFSJ2dfHQV+nAq2IXSCQEjlVyNgBXEaA=
x-served-by: cache-fra19172-FRA
timing-allow-origin: *
last-modified: Thu, 12 Sep 2019 21:11:03 GMT
server: AmazonS3
x-timer: S1568409093.068447,VS0,VE0
etag: "9bdafc0fd90bb47f2717b0babfd68ee8"
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-amz-request-id: F61DB7E08BACE9D5
via: 1.1 varnish
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 13

GET
H/1.1 200
OK large_0a20c0c1-544f-4f55-90ae-586f9eb0bc6e.png
s3.amazonaws.com/mystique.victorypassport.com/donation_page/6910/page_image/ Frame 77F8 250 KB
251 KB 378ms
109ms Image
image/png 52.216.128.157
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/mystique.victorypassport.com/donation_page/6910/page_image/large_0a20c0c1-544f-4f55-90ae-586f9eb0bc6e.png
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.128.157 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9a2f3ce602bbcbc65014536d8adda40023face996dab40cca3b70951d505775c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 21:11:34 GMT
Last-Modified: Mon, 09 Sep 2019 19:45:38 GMT
Server: AmazonS3
x-amz-request-id: 9CEEA4CB8F31FEC1
ETag: "369989b45fff71fd5feff532a9957479"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 256220
x-amz-id-2: aH3IZJjDzjF5OnbEC6VvFhPGIRkcUCoreT/b+wQ3O/vIz3rpFnibP+b+VmxavTkXxeXV1J2Cl0g=
Expires: Mon, 16 Sep 2019 14:48:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 77F8 3 KB
578 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Sep 2019 21:11:33 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 13 Sep 2019 21:11:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 77F8 14 KB
922 B 24ms
24ms Stylesheet
text/css 2a00:1450:4001:81a::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,600,700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

58aa0e80aab1877f50dcce5806fdc75a18f82161ad1493a6bfb79c9d283bc19c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 13 Sep 2019 21:11:33 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Fri, 13 Sep 2019 21:11:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 77F8 57 KB
20 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MHGMG8H

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6ea6b63461fe504af6c05d5ace635383fff8da1840a1aa5377b6bea6b559e33e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 20701
x-xss-protection: 0
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 77F8 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1680
date: Fri, 13 Sep 2019 20:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 13 Sep 2019 22:43:33 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 77F8 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,600,700
Origin: https://mystique.victorypassport.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 21:41:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 862209
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9132
x-xss-protection: 0
expires: Wed, 02 Sep 2020 21:41:24 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ Frame 77F8 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,400,600,700
Origin: https://mystique.victorypassport.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 30 Aug 2019 12:30:05 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1240888
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9080
x-xss-protection: 0
expires: Sat, 29 Aug 2020 12:30:05 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v16/ Frame 77F8 14 KB
14 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Origin: https://mystique.victorypassport.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 03 Sep 2019 19:34:39 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:54 GMT
server: sffe
age: 869814
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 14176
x-xss-protection: 0
expires: Wed, 02 Sep 2020 19:34:39 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ Frame 77F8 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic&subset=latin
Origin: https://mystique.victorypassport.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 19:26:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 1820710
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 14044
x-xss-protection: 0
expires: Sat, 22 Aug 2020 19:26:23 GMT

GET
DATA 200
OK truncated
/ Frame 77F8 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd0be439382896efa9951981bb35906a21cd6519d3d6451985c6bebec417b3c6

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://mystique.victorypassport.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 outer.html
js.stripe.com/v2/m/ Frame 1E23 0
0 6ms
5ms Document
text/html 151.101.12.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v2/m/outer.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v2/m/outer.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D

Response headers

status: 200
x-amz-id-2: bRaJiN0U3EJrjl6po5AntpIq8G5DcaMdZ9vxtERi5W/zrjY70D560lPmxjYe8YIa3OIDetl00OI=
x-amz-request-id: FCE8C4FF4DCA1E80
last-modified: Wed, 06 Sep 2017 17:40:34 GMT
etag: "51b76bd7931c50d2bf6d4c5a93d343f9"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 13 Sep 2019 21:11:33 GMT
via: 1.1 varnish
age: 100
x-served-by: cache-fra19172-FRA
x-cache: HIT
x-cache-hits: 51
x-timer: S1568409093.192021,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-length: 388

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 110 KB
33 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ea9d2fce846b2d447758c6735015ac69a9f67ab0b6402819297cf8643a9f04e5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 33256
x-xss-protection: 0
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/assets/jackal/application-8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1680
date: Fri, 13 Sep 2019 20:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 13 Sep 2019 22:43:33 GMT

GET
H/1.1 200
OK VictoryPassport.ttf
s3.amazonaws.com/assets.victorypassport.com/fonts/ 11 KB
11 KB 381ms
112ms Font
application/octet-stream 52.216.128.157
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/assets.victorypassport.com/fonts/VictoryPassport.ttf
Requested by: Host: mystique.victorypassport.com
URL: https://mystique.victorypassport.com/assets/donation_form/application-e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.128.157 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e

Request headers

Sec-Fetch-Mode: cors
Referer: https://mystique.victorypassport.com/assets/jackal/application-699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5.css
Origin: https://give.victorypassport.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 13 Sep 2019 21:11:34 GMT
Last-Modified: Wed, 01 Jul 2015 02:35:45 GMT
Server: AmazonS3
x-amz-request-id: 5AAB48C3155B3B80
ETag: "7d80bd6dc0d2e81dc2274a2b29799949"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Accept-Ranges: bytes
Content-Length: 10804
x-amz-id-2: CJElIuo8w0hWUxRE61Zd2thiq7y4UpdcCU2gxv03noAdj4l6BK0440zJJg6SCxXUKNBY1vHlk1k=

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 77F8 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MHGMG8H

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 1680
date: Fri, 13 Sep 2019 20:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Fri, 13 Sep 2019 22:43:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 77F8 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: Pftbrndhs4cV5GiHPfmE7Fxuq3i2D2nWUKKNvoMnx0kveZjtdABdTvo28bbrI6AKJo9yG019jSNxbHKR6f/oyA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 77F8
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=806767548&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_gid=1102891975.1568409093&gjid=412093426&_v=j79&z=933203298
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_v=j79&z=933203298
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_v=j79&z=933203298&slf_rd=1&random=2027447554

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_v=j79&z=933203298&slf_rd=1&random=2027447554

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-15&cid=800537277.1568409093&jid=1367472477&_v=j79&z=933203298&slf_rd=1&random=2027447554
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 77F8 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=806767548&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&_u=YGDAgEAB~&jid=1882284657&gjid=2078383910&cid=800537277.1568409093&tid=UA-10463545-9&_gid=1102891975.1568409093&gtm=2wg941MHGMG8H&z=1015249800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 77F8
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&gjid=2078383910&_gid=1102891975.1568409093&_u=YGDAgEAB~&z=1016247662
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&_v=j79&z=1016247662
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&_v=j79&z=1016247662&slf_rd=1&random=3942805757

42 B
109 B

19ms
19ms

Image
image/gif

2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&_v=j79&z=1016247662&slf_rd=1&random=3942805757

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10463545-9&cid=800537277.1568409093&jid=1882284657&_v=j79&z=1016247662&slf_rd=1&random=3942805757
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ Frame 77F8 35 B
111 B 14ms
13ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=806767548&t=pageview&_s=1&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&_u=YGDAAEAB~&jid=691466204&gjid=1735777509&cid=800537277.1568409093&tid=UA-10463545-10&_gid=1102891975.1568409093&_r=1&gtm=2wg941MHGMG8H&z=117694650

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=569960427&t=pageview&_s=1&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Donate%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=AACAAEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-15267911-1&_gid=1102891975.1568409093&z=1941063039

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1278724555535987 Show response
connect.facebook.net/signals/config/ Frame 77F8 308 KB
78 KB 110ms
110ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1278724555535987?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

31d372bf0af35eec8dcec6f661997e39a242782c737738b7397c919d55dd4b47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: 3FFkvF/yMnPirVSnVyvr+DDBkHL6h8EFIIToeGjF0FY8ur8YJTE9NfL9VeGTy+g3i1l0b9G76bfHPFHStQN+kg==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 69 KB
26 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-9232116

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

88434d6c01e9f28639d7661b93ae0a6be0af287b2e30c5cc23c2cb80ac6cb42e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 26907
x-xss-protection: 0
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 24 KB
9 KB 15ms
15ms Script
text/javascript 172.217.16.130
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

5f019ca5325016e06b9356adc80b3c13347a9109d510314b09f8e8dfa73486c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9174
x-xss-protection: 0
server: cafe
etag: 16398167696949098427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 121 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: Pftbrndhs4cV5GiHPfmE7Fxuq3i2D2nWUKKNvoMnx0kveZjtdABdTvo28bbrI6AKJo9yG019jSNxbHKR6f/oyA==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
s.crowdskout.com/ 27 KB
8 KB 319ms
94ms Script
application/javascript 54.91.10.201
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://s.crowdskout.com/analytics.js
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.91.10.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-91-10-201.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 24b8df93ce3f800e0b7c6994e3d6f6dc215753c10551144830b96f15d4801d80

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2019 20:13:20 GMT
server: openresty
etag: W/"5d51c860-6c33"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
cache-control: max-age=86400
expires: Sat, 14 Sep 2019 21:11:33 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
5 KB 41ms
15ms Script
application/javascript 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 20:56:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 923
x-amz-server-side-encryption: AES256
status: 200
vary: Origin, Accept-Encoding
x-amz-request-id: E40012DF42CAA123
x-amz-id-2: PLkCIy3mKkRcPY+mJHzGLmifcBjW8LCl6s9G5bVlOHbFeDBdmq6ba0dO80tKI5mtgUDjdQT31vU=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Fri, 28 Aug 2020 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Wed, 24 Jul 2019 11:33:24 GMT
server: ATS
etag: "f0737c96607a897bd5c4b86e364b3e28-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-version-id: O__PgtPqBm2npiKf3ZYV0ppfblQUYlnj
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 6ms
5ms Script
application/javascript 151.101.112.157
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: give.victorypassport.com
URL: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
age: 46735
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4021-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1568409093.269382,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 adsct
t.co/i/ 43 B
170 B 116ms
116ms Image
image/gif 104.244.42.69
Twitter Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1kfn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 109
pragma: no-cache
last-modified: Fri, 13 Sep 2019 21:11:33 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: cb81e8b759e8fb11450a0b7209fb9b88
x-transaction: 00986c1c00148e4a
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 298860036983510 Show response
connect.facebook.net/signals/config/ 307 KB
79 KB 112ms
112ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/298860036983510?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

4ca9cf5b9267b3d23603f4b8330e856209e4e5ee99d8c17ba2cdda5ed34f3824

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: gTGMYrG3RdhEjV/y6vIR4vYhh5gbY4rrs7udlVgBCE1zeTiuJrDtiFn7W/Og0rO9EGdqyyjAM45gmWFNb93Yig==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1568409093283&cv=9&fst=1568409093283&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ecd045e9448636289be86a4818b7cf68e008bf52c24c7d04bfde62056fe18ccd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1078
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/762936632/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/762936632/?random=1568409093285&cv=9&fst=1568409093285&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

cce3e3cf25c6a678f489a12206c68b7bfec2e49a550d1635072553a109ed5c88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1568409093305&cv=9&fst=1568409093305&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2od941&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

b7951d0fd600e77b4ae277f050bc57aeb874aa0603374605ca0a28b2e332b54d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 1101
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/815133722/ 42 B
126 B 23ms
23ms Image
image/gif 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/815133722/?random=1568409093283&cv=9&fst=1568408400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=2745033749&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/815133722/ 42 B
110 B 30ms
30ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/815133722/?random=1568409093283&cv=9&fst=1568408400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=2745033749&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/762936632/ 42 B
118 B 28ms
28ms Image
image/gif 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/762936632/?random=1568409093285&cv=9&fst=1568408400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=3398076839&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/762936632/ 42 B
110 B 27ms
27ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/762936632/?random=1568409093285&cv=9&fst=1568408400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg941&sendb=1&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=3398076839&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10057379.json Show response
s.yimg.com/wi/config/ 2 B
481 B 451ms
426ms XHR
application/json 2a00:1288:f03d:1fa::4000
Oath Holdings Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10057379.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

2a00:1288:f03d:1fa::4000 , United Kingdom, ASN10310 (YAHOO-1 - Oath Holdings Inc., US),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
status: 200
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-amz-request-id: 201D9A2739E4DA01
x-amz-id-2: fE5mp5YapJddZR8q1DnZyZgRxNpMHDxZy6vtolLD8PjWW+9GgoHQ1fdz98fuTM+N7sGywvHhOeQ=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600

GET
H2 200 /
www.google.com/pagead/1p-user-list/815133722/ 42 B
118 B 24ms
23ms Image
image/gif 2a00:1450:4001:81c::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/815133722/?random=1568409093305&cv=9&fst=1568408400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2od941&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=552619993&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/815133722/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:81e::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/815133722/?random=1568409093305&cv=9&fst=1568408400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2od941&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&tiba=Donate%20Today&async=1&fmt=3&is_vtc=1&random=552619993&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ Frame 77F8 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: BxjNJ2dSk40dhgKMraLeRKEPyyTVDc88OWRgZ3lz0V8V6vxuZx3sKLx9rCgZpAXiYT3b4IzKh6RsedR8YwJGFQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 77F8 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1278724555535987&ev=PageView&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&rl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&if=true&ts=1568409093398&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568409093397.1445371417&it=1568409093255&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 inferredEvents.js Show response
connect.facebook.net/signals/plugins/ 35 KB
10 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: BxjNJ2dSk40dhgKMraLeRKEPyyTVDc88OWRgZ3lz0V8V6vxuZx3sKLx9rCgZpAXiYT3b4IzKh6RsedR8YwJGFQ==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 316720908987052 Show response
connect.facebook.net/signals/config/ 308 KB
78 KB 143ms
142ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316720908987052?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

16679d8eac975a974c96e014f6e321b3c8d9528458364e5a45ca965d84e0e3b8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
x-xss-protection: 0
pragma: public
x-fb-debug: 2vzfwzv6IApzc4yDKNhKwo+Ls2j0BKJdjhrIcZ4ldvjYQJbTRMvggaSjuctzsMeWXErgLdFN0xcGncb1VUAjtg==
x-fb-trip-id: 420120009
x-frame-options: DENY
date: Fri, 13 Sep 2019 21:11:33 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 91ms
91ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298860036983510&ev=PageView&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&rl=&if=false&ts=1568409093418&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568409093397.1445371417&it=1568409093277&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316720908987052&ev=PageView&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&rl=&if=false&ts=1568409093574&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568409093397.1445371417&it=1568409093277&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 skout.js Show response
a.crowdskout.com/ 548 B
573 B 136ms
126ms Script
application/javascript 54.91.10.201
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.crowdskout.com/skout.js
Requested by: Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.91.10.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-54-91-10-201.compute-1.amazonaws.com
Software: openresty /
Resource Hash: e4b8223cff517e0836d4c66518c0ddb66a745e73ffa5c3c5f29e0e09974f4535

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: gzip
server: openresty
status: 200
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, private

GET
H2 200 iframe_api Show response
www.youtube.com/ 859 B
1 KB 34ms
22ms Script
application/javascript 2a00:1450:4001:815::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

YouTube Frontend Proxy /

Resource Hash

9931fee41324ea63afbac9b476739d69d1c9d70d2ea45ff11751b36d73afba95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
x-content-type-options: nosniff
server: YouTube Frontend Proxy
content-type: application/javascript
status: 200
cache-control: no-cache
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 859
x-xss-protection: 0
expires: Tue, 27 Apr 1971 19:44:06 EST

GET
H2 200 E-v1.js Show response
fast.wistia.net/assets/external/ 565 KB
108 KB 7ms
6ms Script
application/javascript 151.101.114.110
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.net/assets/external/E-v1.js

Requested by

Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

Resource Hash

a19c094998c1c7799de18367a0a0694aef4140a9654a4ddad4270559c39e9df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
content-encoding: br
vary: Accept-Encoding
age: 2088
x-cache: HIT, HIT
status: 200
content-length: 110323
x-served-by: cache-sea1043-SEA, cache-hhn4057-HHN
access-control-allow-origin: *
x-browser-version: 74
last-modified: Fri, 13 Sep 2019 20:29:29 GMT
x-timer: S1568409094.593538,VS0,VE0
etag: "5d7bfc29-1aef3"
strict-transport-security: max-age=0
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
x-browser: chrome
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4, 88

GET
H2 200 www-widgetapi.js Show response
s.ytimg.com/yts/jsbin/www-widgetapi-vfl1ao7_O/ 26 KB
10 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s.ytimg.com/yts/jsbin/www-widgetapi-vfl1ao7_O/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f965c887617c1cf14af29b9768c73cb11b30b1b5d1660a7849bfbde9c5e3d5b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 09:44:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214018
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 9992
x-xss-protection: 0
last-modified: Wed, 11 Sep 2019 07:53:11 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=691200
accept-ranges: bytes
timing-allow-origin: https://www.youtube.com
expires: Thu, 19 Sep 2019 09:44:35 GMT

POST
H2 200 page-view Show response
a.crowdskout.com/v1-1/ 2 B
168 B 125ms
125ms XHR
application/json 34.199.174.0
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://a.crowdskout.com/v1-1/page-view
Requested by: Host: s.crowdskout.com
URL: https://s.crowdskout.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.199.174.0 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-199-174-0.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Sec-Fetch-Mode: cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 13 Sep 2019 21:11:34 GMT
content-encoding: gzip
server: openresty
status: 200
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private

GET
H2 200 controller-4ff33198d9988d622b71daf19b443ba0.html
js.stripe.com/v3/ Frame 6DF6 0
0 6ms
5ms Document
text/html 151.101.12.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-4ff33198d9988d622b71daf19b443ba0.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-4ff33198d9988d622b71daf19b443ba0.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D

Response headers

status: 200
x-amz-id-2: 92G75nneCxLa67TaVsGemeckcbMpMn0b/P0Xi03AyLpE93tEU7a670ONL84QkkFBseZ27LsvanI=
x-amz-request-id: 43DF20ABE618F991
last-modified: Thu, 12 Sep 2019 21:11:01 GMT
etag: "4ff33198d9988d622b71daf19b443ba0"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 13 Sep 2019 21:11:33 GMT
via: 1.1 varnish
age: 261
x-served-by: cache-fra19172-FRA
x-cache: HIT
x-cache-hits: 21
x-timer: S1568409094.789954,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length: 1194

GET
H2 200 elements-inner-card-b32951885d44fadff6a015943471b5df.html
js.stripe.com/v3/ Frame 59CE 0
0 6ms
6ms Document
text/html 151.101.12.176
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-b32951885d44fadff6a015943471b5df.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.176 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-b32951885d44fadff6a015943471b5df.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D

Response headers

status: 200
x-amz-id-2: +QAgsOfiTJqh32Wwp17xNciub/JeNZ/IyJAFL5i50GmvqnfwiaX8c47pTXFVSenZKY2WHNuB4ts=
x-amz-request-id: 1142C82EF762BD37
last-modified: Thu, 12 Sep 2019 21:11:02 GMT
etag: "b32951885d44fadff6a015943471b5df"
cache-control: public, max-age=300
content-type: text/html; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 13 Sep 2019 21:11:33 GMT
via: 1.1 varnish
age: 95
x-served-by: cache-fra19172-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1568409094.794548,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-length: 1332

GET
DATA 200
OK truncated
/ Frame 77F8 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c192079ad17031eb73f38cfa4e3d894db33b39e8496e61a0975535b2a7b5ac2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin: https://mystique.victorypassport.com

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 collect
www.google-analytics.com/ Frame 77F8 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=806767548&t=event&_s=2&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&ec=Donation%20Form%20NRCC&ea=single&el=donation-amount-35&_u=aGDAAEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-10463545-15&_gid=1102891975.1568409093&z=1392240480

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=569960427&t=event&_s=2&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Donate%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=Donation%20Form&ea=single&el=donation-amount-35&_u=CACAAEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-15267911-1&_gid=1102891975.1568409093&z=311015616

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 77F8 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=806767548&t=timing&_s=3&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&plt=1274&pdt=1&dns=0&rrt=83&srt=387&tcp=0&dit=669&clt=676&_gst=645&_gbt=705&_cst=602&_cbt=686&_u=aGDAAEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-10463545-15&_gid=1102891975.1568409093&z=1021387991

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 77F8 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=806767548&t=timing&_s=2&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&plt=1274&pdt=1&dns=0&rrt=83&srt=387&tcp=0&dit=669&clt=676&_gst=645&_gbt=705&_cst=602&_cbt=686&_u=aGDAgEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-10463545-9&_gid=1102891975.1568409093&gtm=2wg941MHGMG8H&z=29303361

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 77F8 35 B
103 B 5ms
5ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=806767548&t=timing&_s=2&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&dr=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Mystique&sd=24-bit&sr=1600x1200&vp=1585x1410&je=0&plt=1274&pdt=1&dns=0&rrt=83&srt=387&tcp=0&dit=669&clt=676&_gst=645&_gbt=705&_cst=602&_cbt=686&_u=aGDAAEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-10463545-10&_gid=1102891975.1568409093&gtm=2wg941MHGMG8H&z=777109547

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861987
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
99 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=298860036983510&ev=Microdata&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&rl=&if=false&ts=1568409093927&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Today%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22National%20Republican%20Congressional%20Committee%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Donate%20Now!%22%2C%22og%3Adescription%22%3A%22You%20can%20make%20the%20difference%20by%20donating%20now.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568409093397.1445371417&it=1568409093277&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:33 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 21:11:33 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
145 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316720908987052&ev=Microdata&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&rl=&if=false&ts=1568409094075&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Donate%20Today%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22National%20Republican%20Congressional%20Committee%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Atitle%22%3A%22Donate%20Now!%22%2C%22og%3Adescription%22%3A%22You%20can%20make%20the%20difference%20by%20donating%20now.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568409093397.1445371417&it=1568409093277&coo=false&es=automatic&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 21:11:34 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
266 B 121ms
120ms Script
application/javascript 104.244.42.3
Twitter Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o1kfn&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER - Twitter Inc., US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
content-length: 57
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Fri, 13 Sep 2019 21:11:34 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 61e4c863bc2d3a63b4cc1254698193ac
x-transaction: 00f0c7f200cc88c1
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
109 B 6ms
6ms Image
image/gif 2a00:1450:4001:825::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=569960427&t=timing&_s=3&dl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&ul=en-us&de=UTF-8&dt=Donate%20Today&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=3406&pdt=0&dns=22&rrt=428&srt=129&tcp=16&dit=1012&clt=1012&_gst=2090&_gbt=2132&_cst=2090&_cbt=2143&_u=CACAAEAB~&jid=&gjid=&cid=800537277.1568409093&tid=UA-15267911-1&_gid=1102891975.1568409093&z=561026493

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://give.victorypassport.com/nrcc/stand-with-trump-5x-match-SLR/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20190913_PUSA-GOP-XX_5xMatchingExtended&utm_content=20190913_NoticeFailureToMeetDeadline
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 21:45:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 861988
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 77F8 44 B
99 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1278724555535987&ev=Microdata&dl=https%3A%2F%2Fmystique.victorypassport.com%2Fpages%2Fnrcc%2Fstand-with-trump-5x-match-slr%3Flocation%3Dhttps%253A%252F%252Fgive.victorypassport.com%252Fnrcc%252Fstand-with-trump-5x-match-SLR%26location_url%3DaHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%252FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%253D%253D&rl=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20190913_PUSA-GOP-XX_5xMatchingExtended%26utm_content%3D20190913_NoticeFailureToMeetDeadline&if=true&ts=1568409094913&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Mystique%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[em]=8919d86f59f3d2e26963ef11b994ad5a4992712a3552d42014ca7966dcf02ef5&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568409093397.1445371417&it=1568409093255&coo=false&es=automatic&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://mystique.victorypassport.com/pages/nrcc/stand-with-trump-5x-match-slr?location=https%3A%2F%2Fgive.victorypassport.com%2Fnrcc%2Fstand-with-trump-5x-match-SLR&location_url=aHR0cHM6Ly9naXZlLnZpY3RvcnlwYXNzcG9ydC5jb20vbnJjYy9zdGFuZC13aXRoLXRydW1wLTV4LW1hdGNoLVNMUi8%2FcmVjdXJyaW5nPXRydWUmYW1vdW50PTM1JnV0bV9zb3VyY2U9UFVTQS1HT1AtWFgmdXRtX21lZGl1bT1FbWFpbFByb3NwZWN0JnV0bV9jYW1wYWlnbj0yMDE5MDkxM19QVVNBLUdPUC1YWF81eE1hdGNoaW5nRXh0ZW5kZWQmdXRtX2NvbnRlbnQ9MjAxOTA5MTNfTm90aWNlRmFpbHVyZVRvTWVldERlYWRsaW5lIw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 13 Sep 2019 21:11:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Fri, 13 Sep 2019 21:11:34 GMT

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
give.victorypassport.com/	1970-01-20 23:28:09	Name: csid Value: 760855708
.victorypassport.com/	1970-01-19 05:49:45	Name: _fbp Value: fb.1.1568409093397.1445371417
.mystique.victorypassport.com/	1970-01-19 12:25:45	Name: __stripe_mid Value: 71340e69-bc77-457e-8907-42b15b144c45
mystique.victorypassport.com/	1970-01-19 12:26:06	Name: _mystique_session Value: TDc5S0l3Z3daNU5CKytMRElBODV4bkk5VjRQT3lqd2ZPd1JWSkpPZEo2Ti9Za01ZdExhQUN2KzRrV1g5bW9ZRUN5b1lhSGQvdjJWYlBTcnVRd1o1SXFnalRaT2MycHNyS1ZlQ25sUXJ0WlpBSGtNdVNxYk5uTzhMcnF0SnN6MjZUeFc5L3ZlN0UzR1drRkwzMHZGUmxBPT0tLUxzaFB4djg2NS84NFZkZ2cydEp4UkE9PQ%3D%3D--efce89e7f9fc2d2da3e1f83c8d259f9260171709
.victorypassport.com/	1970-01-19 05:49:45	Name: _gcl_au Value: 1.1.1833429259.1568409093
.mystique.victorypassport.com/	1970-01-19 03:40:10	Name: __stripe_sid Value: bb6d11b0-ca33-4059-a318-20f2a87a7214
.victorypassport.com/	1970-01-19 03:40:09	Name: _gat_UA-10463545-10 Value: 1
.victorypassport.com/	1970-01-19 03:40:09	Name: _dc_gtm_UA-10463545-9 Value: 1
.victorypassport.com/	1970-01-19 03:40:09	Name: _gat Value: 1
.victorypassport.com/	1970-01-19 03:41:35	Name: _gid Value: GA1.2.1102891975.1568409093
.victorypassport.com/	1970-01-19 21:11:21	Name: _ga Value: GA1.2.800537277.1568409093

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: NMGTM
console-api	log	(Line 1) Message: NM \| Floodlight Global Fire \| gtag init

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.crowdskout.com
analytics.twitter.com
connect.facebook.net
ct3.thedailygrind.news
fast.wistia.net
fonts.googleapis.com
fonts.gstatic.com
give.victorypassport.com
googleads.g.doubleclick.net
js.honeybadger.io
js.stripe.com
mystique.victorypassport.com
s.crowdskout.com
s.yimg.com
s.ytimg.com
s3.amazonaws.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
104.244.42.3
104.244.42.69
143.204.214.7
151.101.112.157
151.101.114.110
151.101.12.176
172.217.16.130
2600:9000:2057:4400:14:71e7:1f40:93a1
2600:9000:2057:7c00:17:ecf9:140:93a1
2606:4700:30::681b:9ba9
2a00:1288:f03d:1fa::4000
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:815::200e
2a00:1450:4001:819::2008
2a00:1450:4001:81a::200a
2a00:1450:4001:81c::2004
2a00:1450:4001:81e::2003
2a00:1450:4001:825::2003
2a00:1450:4001:825::200e
2a00:1450:400c:c0c::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.199.174.0
52.216.128.157
54.91.10.201
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
16679d8eac975a974c96e014f6e321b3c8d9528458364e5a45ca965d84e0e3b8
24b8df93ce3f800e0b7c6994e3d6f6dc215753c10551144830b96f15d4801d80
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
31d372bf0af35eec8dcec6f661997e39a242782c737738b7397c919d55dd4b47
340ab97b4ab045fd48b41921cd0b16e8de0172d7ea629de882ef478b69d640e6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4ca9cf5b9267b3d23603f4b8330e856209e4e5ee99d8c17ba2cdda5ed34f3824
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
58aa0e80aab1877f50dcce5806fdc75a18f82161ad1493a6bfb79c9d283bc19c
5a5d46c872394dad63492e5196d0d7d0b31cfcedafd3237598cea519ded79f7d
5afd97cc0b9bc308b7c50fe3567df3fd19cf2c5be5ec4ac4febe17f6412aaad1
5c192079ad17031eb73f38cfa4e3d894db33b39e8496e61a0975535b2a7b5ac2
5f019ca5325016e06b9356adc80b3c13347a9109d510314b09f8e8dfa73486c1
699debf42ab7586933d3e1dbd037e5e6a017ecfdb03c20128fd9d95e3f75b8a5
6ea6b63461fe504af6c05d5ace635383fff8da1840a1aa5377b6bea6b559e33e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855ccd60eaf5bda8f6227dc53ff7be4b33ed7fd242452ccdf51b9cdcc6fc0280
86aec3313e0fff75c162c1e00067c56506072ecd5694fb7ba0de3dae1a392d5d
88434d6c01e9f28639d7661b93ae0a6be0af287b2e30c5cc23c2cb80ac6cb42e
8943e86fe85ef49329362e2269c234f280ac59f88d7e072dd16511193d57215d
90bedfa7bbd2bb58b7f47611a77feaf852c117ed7e344885cdb34f7df940658f
91d9383cba48973428083a71f31020ba7a2bb1b3b1c53ac950a6540441f8d11d
97fd47b2a2bc905922463b3ba0b0d726eaf214cd02540466cebc102a32348e98
9931fee41324ea63afbac9b476739d69d1c9d70d2ea45ff11751b36d73afba95
9a2f3ce602bbcbc65014536d8adda40023face996dab40cca3b70951d505775c
9baad10e85c5be8d5697086479983b6b477197103bf8f0f11817b1bdfb9a7451
a19c094998c1c7799de18367a0a0694aef4140a9654a4ddad4270559c39e9df9
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
b7951d0fd600e77b4ae277f050bc57aeb874aa0603374605ca0a28b2e332b54d
bd0be439382896efa9951981bb35906a21cd6519d3d6451985c6bebec417b3c6
be217e8379199bbfaa9badbe7696c4cd90c18df390a7c4cae53f7096e15e650e
cc9f2893f07bc1ada8d13f04ba3f9977162fb1747e832da75827bf4aaeaf3619
cce3e3cf25c6a678f489a12206c68b7bfec2e49a550d1635072553a109ed5c88
cda90b57321e88549d90dc2492ee86043bd080f154107d931c065dea54f8fb2c
da6b4cf9381358b6aba415db783e66b6484a38524b8a713a6529c7e66d658af1
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b8223cff517e0836d4c66518c0ddb66a745e73ffa5c3c5f29e0e09974f4535
e5e8e846c5cf9537b3d9e0acff4679e446150adb7d5f81d1b7723b0dbd8983b1
e79ed5247c32fef2049edc969ffb9445cc0ece8397a790e47e679a977afcb8f7
ea9d2fce846b2d447758c6735015ac69a9f67ab0b6402819297cf8643a9f04e5
ecd045e9448636289be86a4818b7cf68e008bf52c24c7d04bfde62056fe18ccd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f965c887617c1cf14af29b9768c73cb11b30b1b5d1660a7849bfbde9c5e3d5b3

give.victorypassport.com Open in urlscan Pro 2600:9000:2057:7c00:17:ecf9:140:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

62 %IPv6

23 Domains

26 Subdomains

25 IPs

5 Countries

1258 kBTransfer

4059 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

give.victorypassport.com Open in urlscan Pro
2600:9000:2057:7c00:17:ecf9:140:93a1 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

62 %
IPv6

23
Domains

26
Subdomains

25
IPs

5
Countries

1258 kB
Transfer

4059 kB
Size

11
Cookies

76 HTTP transactions
2 data transactions