urlscan.io logo urlscan.io
SecurityTrails logo

media-dc.rallycongress.net Open in urlscan Pro
184.73.195.23  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://news.pub.mediadc.com/wta/link.php?AGENCY=AB&M=53842344&N=119244&L=88294&F=H
Effective URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Submission: On October 03 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 3 countries across 8 domains to perform 14 HTTP transactions. The main IP is 184.73.195.23, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is media-dc.rallycongress.net.
This is the only time media-dc.rallycongress.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.204.236.246 14618 (AMAZON-AES)
1 184.73.195.23 14618 (AMAZON-AES)
4 13.32.218.189 16509 (AMAZON-02)
1 2a02:26f0:eb:... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.32.218.88 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 107.21.92.197 14618 (AMAZON-AES)
1 2a03:2880:f11... 32934 (FACEBOOK)
14 9
1    34.204.236.246 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-204-236-246.compute-1.amazonaws.com
news.pub.mediadc.com
1    184.73.195.23 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-184-73-195-23.compute-1.amazonaws.com
media-dc.rallycongress.net
4    13.32.218.189 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-218-189.fra56.r.cloudfront.net
d1x12rj7spz3rw.cloudfront.net
1    2a02:26f0:eb:283::523 (European Union)

ASN20940 (AKAMAI-ASN1, US)
res.cloudinary.com
1    2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google Inc., US)
ajax.googleapis.com
2    13.32.218.88 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-32-218-88.fra56.r.cloudfront.net
d1x12rj7spz3rw.cloudfront.net
1    2a03:2880:f01c:216:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
1    107.21.92.197 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-21-92-197.compute-1.amazonaws.com
traffic.rallycongress.org
1    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
Domain Requested by
6 d1x12rj7spz3rw.cloudfront.net media-dc.rallycongress.net
1 www.facebook.com media-dc.rallycongress.net
1 traffic.rallycongress.org media-dc.rallycongress.net
1 connect.facebook.net media-dc.rallycongress.net
1 ajax.googleapis.com media-dc.rallycongress.net
1 res.cloudinary.com media-dc.rallycongress.net
1 media-dc.rallycongress.net
1 news.pub.mediadc.com 1 redirects
0 staticxx.facebook.com Failed connect.facebook.net
14 9

This site contains no links.

Subject Issuer Validity Valid
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2017-01-18 -
2020-01-17		 3 years crt.sh
*.googleapis.com
Google Internet Authority G2		 2017-09-13 -
2017-12-06		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2016-12-09 -
2018-01-25		 a year crt.sh
traffic.rallycongress.org
Amazon		 2017-01-02 -
2018-02-02		 a year crt.sh

This page contains 3 frames:

Primary Page: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Frame ID: 32185.1
Requests: 12 HTTP requests in this frame

Frame: http://staticxx.facebook.com/connect/xd_arbiter/r/Z2duorNoYeF.js?version=42
Frame ID: 32185.2
Requests: 1 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/Z2duorNoYeF.js?version=42
Frame ID: 32185.3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://news.pub.mediadc.com/wta/link.php?AGENCY=AB&M=53842344&N=119244&L=88294&F=H HTTP 302
    http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]+bootstrap(?:\.min)?\.css/i

Page Statistics

14
Requests

36 %
HTTPS

44 %
IPv6

8
Domains

9
Subdomains

9
IPs

3
Countries

299 kB
Transfer

675 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://news.pub.mediadc.com/wta/link.php?AGENCY=AB&M=53842344&N=119244&L=88294&F=H HTTP 302
    http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • http://connect.facebook.net/en_US/all.js HTTP 307
  • https://connect.facebook.net/en_US/all.js

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set rally-congress-tax-cuts-now
media-dc.rallycongress.net/ctas/
Redirect Chain
  • https://news.pub.mediadc.com/wta/link.php?AGENCY=AB&M=53842344&N=119244&L=88294&F=H
  • http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
16 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
184.73.195.23 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-184-73-195-23.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f1b03206c4254310a819076037674735381883e48c5228100e49cb6417a45c5e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
media-dc.rallycongress.net
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 03 Oct 2017 12:25:02 GMT
Cache-Control
no-cache, private no-cache="set-cookie"
Server
Apache
Set-Cookie
PHPSESSID=eofmap42ruq71f1ctb1llmebl7; expires=Wed, 04-Oct-2017 12:25:02 GMT; Max-Age=86400; path=/; HttpOnly AWSELB=E9F98F051A40AB17E5A54A4540A34B67549ED1AB27A3FE6C22F8222C3DEAE09FA9416A24A8DC8C64C16ABFAEF2208C24115646A7A1A3FC147767EC9949A262FDE77D18B808;PATH=/
transfer-encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=UTF-8

Redirect headers

status
302
date
Tue, 03 Oct 2017 12:25:02 GMT
server
Microsoft-IIS/10.0
x-powered-by
PHP/5.6.24
content-length
0
location
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
content-type
text/html; charset=UTF-8
bootstrap.min.css
d1x12rj7spz3rw.cloudfront.net/bootstrap/css/ 		118 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://d1x12rj7spz3rw.cloudfront.net/bootstrap/css/bootstrap.min.css
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
13.32.218.189 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-189.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1x12rj7spz3rw.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sat, 30 Sep 2017 20:30:28 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jun 2017 13:44:53 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
text/css
Via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
5q-ukPK7C_mR9mvZrY4GKjlMgLz9CMtDuzmxF6Cx8B57phSGB4nD6g==
font-awesome.min.css
d1x12rj7spz3rw.cloudfront.net/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://d1x12rj7spz3rw.cloudfront.net/font-awesome/css/font-awesome.min.css
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
13.32.218.189 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-189.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1x12rj7spz3rw.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 01 Oct 2017 17:41:47 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jun 2017 13:42:00 GMT
Server
AmazonS3
Age
54267
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
ooZMJAANzdFkOSKZyDFXW-DQqpO0Qkoc_Qd_RGVLERzydU0ARuB4eA==
3024.675.59ca6bd113406.png
res.cloudinary.com/rally/image/upload/c_limit,h_315,w_420/v1/client/ 		138 KB
139 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/rally/image/upload/c_limit,h_315,w_420/v1/client/3024.675.59ca6bd113406.png
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:eb:283::523 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
cloudinary /
Resource Hash
49ac13ea1b12edf050979f5b2c8fe60f4ab39b505ca28a112361cd6a503bd60b

Request headers

:path
/rally/image/upload/c_limit,h_315,w_420/v1/client/3024.675.59ca6bd113406.png
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
res.cloudinary.com
referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
:scheme
https
:method
GET
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Tue, 03 Oct 2017 12:25:03 GMT
surrogate-key
52989779676132383617485830650809662979 361375859548738241463055448226135647647 9231141efc24d7c523b59d02ca948868
last-modified
Tue, 26 Sep 2017 15:02:15 GMT
server
cloudinary
etag
"2a47c2ce33699a9bc196df2922b0a099"
status
200
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2573276
accept-ranges
bytes
access-control-allow-headers
X-Requested-With
content-length
141617
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google Inc., US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/ajax/libs/jquery/2.2.4/jquery.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
ajax.googleapis.com
referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
:scheme
https
:method
GET
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

date
Mon, 04 Sep 2017 12:05:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2506764
status
200
alt-svc
quic=":443"; ma=2592000; v="39,38,37,35"
content-length
30028
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Sep 2018 12:05:38 GMT
iframeResizer.contentWindow.min.js
d1x12rj7spz3rw.cloudfront.net/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1x12rj7spz3rw.cloudfront.net/iframeResizer.contentWindow.min.js
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
13.32.218.189 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-189.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5695f8317f3c82772c4793fb9145d45cd56cc43d79b27737a37e3bd030ab3baa

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1x12rj7spz3rw.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 03 Oct 2017 12:25:04 GMT
Content-Encoding
gzip
Last-Modified
Wed, 26 Jul 2017 06:33:42 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Content-Type
application/x-javascript
Via
1.1 16ba4fd291c7ac4ec424fdbac7065ef1.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
JzFKPWq4vgCneIQ-iLLQRho1yslFu4HOMb7V5NJuKzGnQi_c6XQc0A==
bootstrap.min.js
d1x12rj7spz3rw.cloudfront.net/bootstrap/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1x12rj7spz3rw.cloudfront.net/bootstrap/js/bootstrap.min.js
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
13.32.218.189 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-189.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1x12rj7spz3rw.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 01 Oct 2017 08:16:52 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Jun 2017 13:45:21 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
text/javascript
Via
1.1 fc3a4fa8a6bf80fc624a0bc082bb5b4e.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
uH32vIz7Q11AaxnQq4A_HrIy5JMyepf7aYzLYc7bh1qqTZ_J3ATxog==
jquery.validate.min.js
d1x12rj7spz3rw.cloudfront.net/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1x12rj7spz3rw.cloudfront.net/jquery.validate.min.js
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
13.32.218.88 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f30c8cb3ab2e2723a9499ea38d8fac4e111163d2a7efa7e3f7110b7e5ab6c8cd

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1x12rj7spz3rw.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 01 Oct 2017 23:04:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 15:30:30 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/x-javascript
Via
1.1 96918fe484b3cc9879c048ab5c4e033c.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
15LE7lj15xW0kiU6c6mhEyfwP58o0UsHZRDF2AdbUKMZX0exCV61hQ==
additional-methods.min.js
d1x12rj7spz3rw.cloudfront.net/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://d1x12rj7spz3rw.cloudfront.net/additional-methods.min.js
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Server
13.32.218.88 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-32-218-88.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
99bee0cc70753ea4fe224285132e7b27fb6771aac4e08f5b79cfde30a38daf23

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
d1x12rj7spz3rw.cloudfront.net
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Sun, 01 Oct 2017 23:04:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Mar 2016 15:30:32 GMT
Server
AmazonS3
Vary
Accept-Encoding
X-Cache
RefreshHit from cloudfront
Content-Type
application/x-javascript
Via
1.1 be3a2ea70ea68d04665ee5db91a73443.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
TbzuSyWWeOWnCa5ErYfWeFDUG3_P4Ys0K-TBbeAonpH013SjBVr8vg==
all.js
connect.facebook.net/en_US/
Redirect Chain
  • http://connect.facebook.net/en_US/all.js
  • https://connect.facebook.net/en_US/all.js
198 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
39600ef7a1450da0b7c570176048180ab1cbd3eee2c6e0f63c40049baf26044b
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:path
/en_US/all.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
connect.facebook.net
referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
:scheme
https
:method
GET
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Ne1o3llbJuRcmKQKwrCZDQ==
status
200
content-length
62306
x-xss-protection
0
x-fb-debug
U1RmSiZMzXZYHFPjlLt2SmhJFfLWA8nrMZOamoQ68TQAHcsfrxERJ/7mZbjW40vzAWjzWg9NctzEekFYmtZRow==
x-fb-content-md5
2f9ff9b26c69f6d1408f6ee29e5e5ef1
x-frame-options
DENY
date
Tue, 03 Oct 2017 12:25:03 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"c423efb02173383b694707d86a446a81"
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
timing-allow-origin
*
expires
Tue, 03 Oct 2017 12:36:00 GMT

Redirect headers

Location
https://connect.facebook.net/en_US/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
Cookie set IY7wORJbhGpzTCmAtyTSAeMJvCqhGNQ6
traffic.rallycongress.org/save/ 		32 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://traffic.rallycongress.org/save/IY7wORJbhGpzTCmAtyTSAeMJvCqhGNQ6?v=V0jw5w3fbn35yocp07rmryds2eixmzhp&r=&rq=http%3A//media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now%3Fiframe%3D1&power=Vwnr9xxj8x81nseej8rlhmh7vm01uoze&newvisit=Y&pageId=59ca6a75703ce
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.21.92.197 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-21-92-197.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
traffic.rallycongress.org
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

Date
Tue, 03 Oct 2017 12:25:03 GMT
Cache-Control
no-cache, private no-cache="set-cookie"
Server
Apache
Set-Cookie
AWSELB=B98D43890811F4CB7B2087BBE406DE7DD39486DEE354BCF5887B6F8B6306AC50A00D0A73A9455923A4EF9BD30A0C5D71019236FDA08FD0B71F2C75A9FFA2D2D3EF60F9E886;PATH=/
Content-Length
32
Connection
keep-alive
Content-Type
application/json
/
www.facebook.com/impression.php/f3bfa3de419b424/ 		43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/impression.php/f3bfa3de419b424/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
Requested by
Host: media-dc.rallycongress.net
URL: http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:path
/impression.php/f3bfa3de419b424/?lid=115&payload=%7B%22source%22%3A%22jssdk%22%7D
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.facebook.com
referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
:scheme
https
:method
GET
Referer
http://media-dc.rallycongress.net/ctas/rally-congress-tax-cuts-now?iframe=1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/61.0.3163.100 Safari/537.36

Response headers

content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' fbstatic-a.akamaihd.net fbcdn-static-b-a.akamaihd.net *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* *.akamaihd.net wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin Accept-Encoding
x-xss-protection
0
pragma
no-cache
x-fb-debug
rN0PzEfk1F7QGPemHS2b7ReHugu8jO6+sgOR76EAjzDIbzpRencCxlLrbDf/XApzZw9Uea3zsrql53Kkv0+0Tw==
date
Tue, 03 Oct 2017 12:25:03 GMT
expect-ct
max-age=10, report-uri="http://reports.fb.com/expectct/"
strict-transport-security
max-age=15552000; preload
public-key-pins-report-only
max-age=600; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="k2v657xBsOVe1PQRwOsHsw3bsGT2VzIqz5K+59sNQws="; pin-sha256="gMxWOrX4PMQesK9qFNbYBxjBfjUvlkn/vN1n+L9lE5E="; pin-sha256="q4PO2G2cbkZhZ82+JgmRUyGMoAeozA+BSXVXQWB8XWQ="; report-uri="http://reports.fb.com/hpkp/"
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
access-control-allow-method
OPTIONS
expires
Sat, 01 Jan 2000 00:00:00 GMT
Z2duorNoYeF.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 3218 		0
0
Z2duorNoYeF.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 3218 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
staticxx.facebook.com
URL
http://staticxx.facebook.com/connect/xd_arbiter/r/Z2duorNoYeF.js?version=42
Domain
staticxx.facebook.com
URL
https://staticxx.facebook.com/connect/xd_arbiter/r/Z2duorNoYeF.js?version=42

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Domain/Path Name / Value
media-dc.rallycongress.net/ Name: AWSELB
Value: E9F98F051A40AB17E5A54A4540A34B67549ED1AB27A3FE6C22F8222C3DEAE09FA9416A24A8DC8C64C16ABFAEF2208C24115646A7A1A3FC147767EC9949A262FDE77D18B808
media-dc.rallycongress.net/ Name: PHPSESSID
Value: eofmap42ruq71f1ctb1llmebl7
media-dc.rallycongress.net/ctas Name: power
Value: Vwnr9xxj8x81nseej8rlhmh7vm01uoze
media-dc.rallycongress.net/ctas Name: visit
Value: V0jw5w3fbn35yocp07rmryds2eixmzhp