secure.conservative.org Open in urlscan Pro
2606:4700:10::6814:443 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://news.presscorp.org/wta/link.php?AGENCY=PMI&M=5481674&N=101299&L=33950&F=H&drurl=aHR0cDovL2FzLmFkc29uaXJpcy5jb20vY2x...
Effective URL:
https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_mediu...
Submission: On May 13 via api (May 13th 2020, 1:28:07 pm UTC) from US

Summary HTTP 35 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 20 domains to perform 35 HTTP transactions. The main IP is 2606:4700:10::6814:443, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.conservative.org.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 20th 2020. Valid for: 8 months.

This is the only time secure.conservative.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.200.146.93 52.200.146.93	14618 (AMAZON-AES) (AMAZON-AES)
1	54.76.119.149 54.76.119.149	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.150 213.19.147.150	26120 (RHYTHMONE) (RHYTHMONE)
2 2	40.113.136.100 40.113.136.100	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	185.29.132.21 185.29.132.21	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	52.212.220.130 52.212.220.130	16509 (AMAZON-02) (AMAZON-02)
1 7	2606:4700:10:... 2606:4700:10::6814:443	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	54.230.183.25 54.230.183.25	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:817::200a	15169 (GOOGLE) (GOOGLE)
1	52.222.182.9 52.222.182.9	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:817::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.196.107 13.224.196.107	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:81e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
35	15

1 52.200.146.93 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-146-93.compute-1.amazonaws.com

news.presscorp.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.119.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com

as.adsoniris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.113.136.100 (Amsterdam, Netherlands) 2 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.powerlinks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.21 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.220.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-220-130.eu-west-1.compute.amazonaws.com

images.passendo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:10::6814:443 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.conservative.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.230.183.25 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-25.ham50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:817::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.182.9 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-182-9.ham50.r.cloudfront.net

js.honeybadger.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:817::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.107 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-196-107.fra2.r.cloudfront.net

d35ligi1n5bgzc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9d (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	conservative.org 1 redirects secure.conservative.org	186 KB
6	googleapis.com maps.googleapis.com	193 KB
5	google-analytics.com 2 redirects www.google-analytics.com	19 KB
4	stripe.com js.stripe.com	43 KB
2	facebook.com www.facebook.com	332 B
2	gstatic.com maps.gstatic.com	5 KB
2	facebook.net connect.facebook.net	151 KB
2	google.de www.google.de	212 B
2	google.com 2 redirects www.google.com	342 B
2	doubleclick.net 2 redirects stats.g.doubleclick.net	303 B
2	googletagmanager.com www.googletagmanager.com	48 KB
2	mathtag.com 2 redirects sync.mathtag.com	2 KB
2	powerlinks.com 2 redirects px.powerlinks.com	2 KB
1	cloudfront.net d35ligi1n5bgzc.cloudfront.net	522 KB
1	honeybadger.io js.honeybadger.io	6 KB
1	passendo.com images.passendo.com	306 B
1	1rx.io sync.1rx.io	185 B
1	adsoniris.com as.adsoniris.com	1 KB
1	presscorp.org 1 redirects news.presscorp.org	150 B
0	revv.co Failed app.revv.co Failed
35	20

	Domain	Requested by
7	secure.conservative.org	1 redirects as.adsoniris.com secure.conservative.org
6	maps.googleapis.com	secure.conservative.org maps.googleapis.com
5	www.google-analytics.com	2 redirects secure.conservative.org
4	js.stripe.com	secure.conservative.org js.stripe.com
2	www.facebook.com	secure.conservative.org connect.facebook.net
2	maps.gstatic.com	secure.conservative.org
2	connect.facebook.net	as.adsoniris.com connect.facebook.net
2	www.google.de	secure.conservative.org
2	www.google.com	2 redirects
2	stats.g.doubleclick.net	2 redirects
2	www.googletagmanager.com	secure.conservative.org
2	sync.mathtag.com	2 redirects
2	px.powerlinks.com	2 redirects
1	d35ligi1n5bgzc.cloudfront.net	secure.conservative.org
1	js.honeybadger.io	secure.conservative.org
1	images.passendo.com	as.adsoniris.com
1	sync.1rx.io	as.adsoniris.com
1	as.adsoniris.com
1	news.presscorp.org	1 redirects
0	app.revv.co Failed	secure.conservative.org
35	20

This site contains links to these domains. Also see Links.

Domain
revv.co

Subject Issuer	Validity	Valid
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
images.passendo.com Amazon	`2020-03-30` - `2021-04-30`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-20` - `2020-10-09`	8 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2020-02-12` - `2020-06-03`	4 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.honeybadger.io COMODO RSA Domain Validation Secure Server CA	`2017-06-07` - `2020-07-14`	3 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
Frame ID: BF5A535EF23278DA30E1FB0C34D75D4A
Requests: 32 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
Frame ID: 8B2203E9B89DE1F75EDD9A603A6CE728
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-13d62d56f712a1c3187f2e960e3812ea.html
Frame ID: E35999536B0B8EAC2F07C2630C455E54
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-5d27dc4b01f07cd0b875991391dc66cc.html
Frame ID: 52372B05600A4BA615B538E64C6C3C95
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://news.presscorp.org/wta/link.php?AGENCY=PMI&M=5481674&N=101299&L=33950&F=H&drurl=aHR0cDovL2FzLmF... HTTP 302
http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299 Page URL
http://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_... HTTP 301
https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Ruby (Programming Languages) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

script /\/\/maps\.googleapis\.com\/maps\/api\/js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 50%
Detected patterns

meta csrf-param /^authenticity_token$/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

Page Statistics

35
Requests

94 %
HTTPS

53 %
IPv6

20
Domains

20
Subdomains

15
IPs

6
Countries

1174 kB
Transfer

2853 kB
Size

11
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://revv.co/donor-terms/
Title: terms of use

Search URL Search Domain Scan URL

URL: https://revv.co/privacy/
Title: privacy policy

Search URL Search Domain Scan URL

URL: https://revv.co/
Title: Powered by

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://news.presscorp.org/wta/link.php?AGENCY=PMI&M=5481674&N=101299&L=33950&F=H&drurl=aHR0cDovL2FzLmFkc29uaXJpcy5jb20vY2xpY2svMi83MzE4LzMwODA5OWZlNjAwNmQ1NmRlMWMyYjFhMjZhNGM5NjllLzEwMTI5OQ== HTTP 302
http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299 Page URL
http://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE HTTP 301
https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://news.presscorp.org/wta/link.php?AGENCY=PMI&M=5481674&N=101299&L=33950&F=H&drurl=aHR0cDovL2FzLmFkc29uaXJpcy5jb20vY2xpY2svMi83MzE4LzMwODA5OWZlNjAwNmQ1NmRlMWMyYjFhMjZhNGM5NjllLzEwMTI5OQ== HTTP 302
http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299

Request Chain 2

https://px.powerlinks.com/user/sync/ssps?userId=71744217c521c2d74cb3b2742c425f4e033670a0&sourceId=3ae6b243-071f-442a-b6f8-a90a6589c38e&rurl=https%3A%2F%2Fimages.passendo.com%2Fucs%2Fpl%2Ff9936ed58e4dad3741e4227b92eada1a%2Fp.png%3Fuid%3D%24%7BUSER%7D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Fimages.passendo.com%25252Fucs%25252Fpl%25252Ff9936ed58e4dad3741e4227b92eada1a%25252Fp.png%25253Fuid%25253DsLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%2525253D HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps%25253A%25252F%25252Fimages.passendo.com%25252Fucs%25252Fpl%25252Ff9936ed58e4dad3741e4227b92eada1a%25252Fp.png%25253Fuid%25253DsLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%2525253D&mm_bnc&mm_bct&UUID=09ef5ebb-f5d4-4e00-b114-1d807cc178a1 HTTP 302
https://px.powerlinks.com/user/sync/dsps?userId=09ef5ebb-f5d4-4e00-b114-1d807cc178a1&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Fimages.passendo.com%2Fucs%2Fpl%2Ff9936ed58e4dad3741e4227b92eada1a%2Fp.png%3Fuid%3DsLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%253D HTTP 302
https://images.passendo.com/ucs/pl/f9936ed58e4dad3741e4227b92eada1a/p.png?uid=sLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%3D

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2071520408&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_content%3D20200508_Newsletter%26utm_medium%3Demail%26utm_source%3DAE&dr=http%3A%2F%2Fas.adsoniris.com%2Fclick%2F2%2F7318%2F308099fe6006d56de1c2b1a26a4c969e%2F101299&ul=en-us&de=UTF-8&dt=Donate%20Today!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1287650329&gjid=775644980&cid=144775466.1589376471&tid=UA-60167497-5&_gid=1066818393.1589376471&_r=1&z=736569215 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_gid=1066818393.1589376471&gjid=775644980&_v=j82&z=736569215 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_v=j82&z=736569215 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_v=j82&z=736569215&slf_rd=1&random=2511030167

Request Chain 24

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2071520408&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_content%3D20200508_Newsletter%26utm_medium%3Demail%26utm_source%3DAE&dr=http%3A%2F%2Fas.adsoniris.com%2Fclick%2F2%2F7318%2F308099fe6006d56de1c2b1a26a4c969e%2F101299&ul=en-us&de=UTF-8&dt=Donate%20Today!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aEDAAEAB~&jid=1962544922&gjid=24323707&cid=144775466.1589376471&tid=UA-73658561-7&_gid=1066818393.1589376471&_r=1&gtm=2wg4t0NTQZ9N&z=2114247533 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_gid=1066818393.1589376471&gjid=24323707&_v=j82&z=2114247533 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_v=j82&z=2114247533 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_v=j82&z=2114247533&slf_rd=1&random=728564169

35 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Cookie set 101299 Show response
as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/
Redirect Chain

https://news.presscorp.org/wta/link.php?AGENCY=PMI&M=5481674&N=101299&L=33950&F=H&drurl=aHR0cDovL2FzLmFkc29uaXJpcy5jb20vY2xpY2svMi83MzE4LzMwODA5OWZlNjAwNmQ1NmRlMWMyYjFhMjZhNGM5NjllLzEwMTI5OQ==
http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299

1 KB
1 KB

626ms
548ms

Document
text/html

54.76.119.149
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
Protocol: HTTP/1.1
Server: 54.76.119.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-119-149.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fb9ccd2faa476900c0fef5a30b1461b9fd4a531926cd6801f7395ca7d4a69d35

Request headers

Host: as.adsoniris.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Date: Wed, 13 May 2020 13:27:48 GMT
Server: nginx
Set-Cookie: c137=f9936ed58e4dad3741e4227b92eada1a; expires=Thu, 13-May-2021 13:27:48 GMT; Max-Age=31536000; path=/
X-Trace: 2B1812BD912FDE33AC03C66AE42F58B18510636E82B0FF191249FDB57C00
Content-Length: 1113
Connection: keep-alive

Redirect headers

status: 302
date: Wed, 13 May 2020 13:27:47 GMT
content-type: text/html; charset=UTF-8
location: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
server: nginx/1.14.0
x-powered-by: PHP/5.6.39

GET
H/1.1 204
No Content passendo
sync.1rx.io/usersync2/ 0
185 B 234ms
57ms Stylesheet
text/plain 213.19.147.150
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.1rx.io/usersync2/passendo?redir=https%3A%2F%2Fimages.passendo.com%2Fucs%2Fro%2Ff9936ed58e4dad3741e4227b92eada1a%2Fp.png%3Fuid%3D%5BRX_UUID%5D
Requested by: Host: as.adsoniris.com
URL: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 13 May 2020 13:27:40 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: nginx
Connection: keep-alive
Expires: 0

GET
H/1.1

200
OK

p.png
images.passendo.com/ucs/pl/f9936ed58e4dad3741e4227b92eada1a/
Redirect Chain

https://px.powerlinks.com/user/sync/ssps?userId=71744217c521c2d74cb3b2742c425f4e033670a0&sourceId=3ae6b243-071f-442a-b6f8-a90a6589c38e&rurl=https%3A%2F%2Fimages.passendo.com%2Fucs%2Fpl%2Ff9936ed58e...
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://sync.mathtag.com/sync/img?mt_exid=113&redir=%2F%2Fpx.powerlinks.com%2Fuser%2Fsync%2Fdsps%3FuserId%3D%5BMM_UUID%5D%26sourceId%3Daa4e7548-789b-4df8-a72f-d951a5b206eb%26sync%3D0%26rurl%3Dhttps...
https://px.powerlinks.com/user/sync/dsps?userId=09ef5ebb-f5d4-4e00-b114-1d807cc178a1&sourceId=aa4e7548-789b-4df8-a72f-d951a5b206eb&sync=0&rurl=https%3A%2F%2Fimages.passendo.com%2Fucs%2Fpl%2Ff9936ed...
https://images.passendo.com/ucs/pl/f9936ed58e4dad3741e4227b92eada1a/p.png?uid=sLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%3D

95 B
306 B

318ms
80ms

Stylesheet
image/png

52.212.220.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.passendo.com/ucs/pl/f9936ed58e4dad3741e4227b92eada1a/p.png?uid=sLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%3D
Requested by: Host: as.adsoniris.com
URL: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.220.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-220-130.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 13 May 2020 13:27:49 GMT
Server: nginx
Connection: keep-alive
X-Trace: 2B601EFE23EAA6D0D392863A091B002CFC42798F3B0FDDC58D10CDC4E900
Content-Length: 95
Content-Type: image/png

Redirect headers

Location: https://images.passendo.com/ucs/pl/f9936ed58e4dad3741e4227b92eada1a/p.png?uid=sLBgsl7TAxPxOwHEUwuKKbfWkBi1qUBmuh-snNPr_Y0%3D
Date: Wed, 13 May 2020 13:27:49 GMT
Server: nginx
Connection: close
Etag: "-28a8rmW__kpHPaq9iiamDoNf3P4GT3MSXKcAujD7KY="
Content-Length: 0

GET
H2

200

Primary Request / Show response
secure.conservative.org/tucker-carlson/
Redirect Chain

http://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

28 KB
7 KB

210ms
174ms

Document
text/html

2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Requested by

Host: as.adsoniris.com
URL: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a0eefd6194940c9c177a9c2f0ceb65d2682db9676ccdc588ed530be1e269d8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.conservative.org
:scheme: https
:path: /tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d8fae3a9ede0260bad01dfa703679f9f51589376469; __cf_bm=d0a36065c51b485424ecb98c5cba230b6b83084f-1589376469-1800-AX7lkKlaIIPF1it8EPpiQatjvm1KudlQHBEhaITrRdwCMKu/Qo5/DphHvZE/2Z1sD1b+cu91vBKhR4YEDQc9rdA=
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299

Response headers

status: 200
date: Wed, 13 May 2020 13:27:50 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-revv-cache: Hit from Revv
set-cookie: _revv_v3_session=NUJmMG50amIwOWN1eGpIQ3h0RFl5REtpRHpFNXNNUG5JeEZaNmJXSU5PMVdjQU5WU0t3NXFTQ3M3cXdNM2hLQStrRm14dkp3L1h3a0R2WUFWc21zTkhOUHc4MGJDRjNIMUxBUEpNQ0MzcFNHNmRkMk83UnMzNWxvYmV2STlyRzcxR3BJcitpWGdUYUhpL05XV2dQanZCM05heWVndHpHRytUMXprcUIyRTdnQzJUaWFLUUNSdytsbFIxdkg5MFVETG5MOWxmdlljdGRyeWF4a3VxRDA4MW5nZzhzb0NHcXZoS2xHYTJkOXllek5GQ1E5YTgzeE92TEY1aEJHb0RKUkxQQXVEUzNpMk13NnVHK24zMVZzVmthM3BWRFV1Z1lONWhRcmtiMk1MSklGaHZheDRaNjlkQnhRNUpNSFBBRzAzQmM1d1dtRFVNOVp3b21JdGc3SDk3dmdJNjJPWk9PbDBhM05qd0pOR0dXL0tGYzdWSzlVMy9PeDZpVkdoQVdaYlFnZDBTc2ozK1VqYzdGUU80QVZ6Zz09LS1SK2x5TUl4Umw2ZDhQWVRvM0FjRW13PT0%3D--0871ca9f278d701d1d4009b0842bef9c4fe9253a; domain=.conservative.org; path=/; HttpOnly; Secure; SameSite=None; Secure
x-request-id: e830d550-6515-4589-9301-52903e276166
x-runtime: 0.017694
x-rack-cors: miss; no-origin
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 592cb819ba36d6d5-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02afd164150000d6d59205a200000001

Redirect headers

Date: Wed, 13 May 2020 13:27:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: __cfduid=d8fae3a9ede0260bad01dfa703679f9f51589376469; expires=Fri, 12-Jun-20 13:27:49 GMT; path=/; domain=.secure.conservative.org; HttpOnly; SameSite=Lax __cf_bm=d0a36065c51b485424ecb98c5cba230b6b83084f-1589376469-1800-AX7lkKlaIIPF1it8EPpiQatjvm1KudlQHBEhaITrRdwCMKu/Qo5/DphHvZE/2Z1sD1b+cu91vBKhR4YEDQc9rdA=; path=/; expires=Wed, 13-May-20 13:57:49 GMT; domain=.secure.conservative.org; HttpOnly; SameSite=None
Location: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 592cb816e83ddfa9-FRA
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02afd162500000dfa9ad8cc200000001

GET
H2 200 / Show response
js.stripe.com/v3/ 165 KB
43 KB 218ms
89ms Script
application/javascript 54.230.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.183.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-25.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

6ba91158d070230db54e4ce901bbc3c561a12268049795c07ebb188c06527471

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:25:44 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 127
via: 1.1 135eb6368d07b066aff0760ea5228bab.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
status: 200
x-amz-request-id: 448B62EDAC8385CF
x-amz-id-2: 5+NijOICYuttFL4XR0mulB/EWQE8PorrA9ztPo1CBealQEniC7chI/aAb80eL8lX3Cv3CXgEBZE=
last-modified: Tue, 12 May 2020 22:55:05 GMT
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: HAM50-C3
timing-allow-origin: *
x-amz-cf-id: pQaQVGX8tpC4yIfUKMzenSmu3FZ8-vr_6BlXOfhcuGsjFAQVCdzCDA==

GET
H2 200 landing_page-d0551ed99e8beb4103b4e6414e85889f93b804ed41918237f504f290d899f81a.css
secure.conservative.org/assets/ 198 KB
27 KB 30ms
28ms Stylesheet
text/css 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.conservative.org/assets/landing_page-d0551ed99e8beb4103b4e6414e85889f93b804ed41918237f504f290d899f81a.css

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b57e8be72dbf3fa44171fc9655a92ee7595c73e6a10660dd69560901a82411d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56997
cf-polished: origSize=205309
status: 200
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02afd165380000d6d59207a200000001
expires: Sat, 11 May 2030 13:27:50 GMT
last-modified: Wed, 29 Apr 2020 19:39:54 GMT
server: cloudflare
etag: W/"5ea9d80a-7672"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: text/css
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
cf-ray: 592cb81b8809d6d5-FRA
cf-bgj: minify

GET
H2 200 1588951799.css
secure.conservative.org/stylesheets/rv_page_QBjdUBvURQ6Z5FHkG8PFSbKS/ 4 KB
1 KB 27ms
26ms Stylesheet
text/css 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.conservative.org/stylesheets/rv_page_QBjdUBvURQ6Z5FHkG8PFSbKS/1588951799.css

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

878e27a1acb68dd3fe37aceec3b06640326074aba186d806e493bdd66d2a73cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-rack-cors: miss; no-origin
date: Wed, 13 May 2020 13:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56997
cf-polished: origSize=3849
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: 73d6cc7e-0c50-4359-9e35-98ab1c7ae7ed
x-runtime: 0.035893
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31556952
cf-request-id: 02afd165380000d6d59207b200000001
cf-ray: 592cb81b880bd6d5-FRA
expires: Thu, 13 May 2021 19:17:02 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 118 KB
39 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

73927b362554f187011657f2ea58d8e1f113a5fdb286643b9f98f160c347eab2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=36
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39372
x-xss-protection: 0
expires: Wed, 13 May 2020 13:57:50 GMT

GET
H2 200 application-landing-page-d6c9cf0e04820a51423369cdff2ba4799a3cc5d5db0b1b91ef7fc4367e6338db.js Show response
secure.conservative.org/assets/ 536 KB
146 KB 41ms
39ms Script
application/javascript 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.conservative.org/assets/application-landing-page-d6c9cf0e04820a51423369cdff2ba4799a3cc5d5db0b1b91ef7fc4367e6338db.js

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca57fd1719a702ae953557265b612b37ae97d42c5c15b9c61c2662b64f70e7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56997
cf-polished: origSize=549477
status: 200
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02afd165390000d6d59207c200000001
expires: Sat, 11 May 2030 13:27:50 GMT
last-modified: Wed, 06 May 2020 19:29:01 GMT
server: cloudflare
etag: W/"5eb30ffd-26516"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: application/javascript
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
cf-ray: 592cb81b880cd6d5-FRA
cf-bgj: minify

GET
H/1.1 200
OK honeybadger.min.js Show response
js.honeybadger.io/v2.1/ 14 KB
6 KB 270ms
59ms Script
application/javascript 52.222.182.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.honeybadger.io/v2.1/honeybadger.min.js
Requested by: Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.182.9 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-182-9.ham50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 513df19904398106da5646917f25c2e55ad0c614d7c2bda86f528264407ba644

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 01 Apr 2020 15:55:47 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 17 Feb 2020 18:40:29 GMT
Server: AmazonS3
Age: 3619924
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: KYMYg4MQXNtVNrkMHFbKZmCa7C.DfAVX
Via: 1.1 376388af58845ad0897ba599cce4d92f.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: HAM50-C1
Content-Type: application/javascript
X-Amz-Cf-Id: 4edFDc3sAyHxoLrDFAEY2CpHIdqzIqUnKUVUN9syDsWWbdNVLmkAsQ==

GET
H2 200 revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png
secure.conservative.org/assets/ 2 KB
2 KB 39ms
27ms Image
image/webp 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.conservative.org/assets/revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.png

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54dfbb3703e21e7f6c39b128067425a552070324d47063319ee64b1677e97dcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56992
cf-polished: origFmt=png, origSize=2844
status: 200
content-disposition: inline; filename="revv-fundraising-platform-logo-88bb0ed27f68b209dc01f51f5fe82dbf96ffb5bbe624ab3585816b17d423ae57.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 2152
cf-request-id: 02afd1664a0000d6d592098200000001
expires: Sat, 11 May 2030 13:27:50 GMT
last-modified: Tue, 21 Apr 2020 18:47:46 GMT
server: cloudflare
etag: "5e9f3fd2-b1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: image/webp
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 592cb81d4d33d6d5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 79 KB
26 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NTQZ9N

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ba22b188169ce72469690995c5c929ff31ce46e151a4a1c795df20207ffde9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26843
x-xss-protection: 0
last-modified: Wed, 13 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 May 2020 13:27:50 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 59 KB
22 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PZJP3HK

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

794c51b882c6565bb5e974b86c1832db5ca2bd95d3edb4a8838bf062c0642f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22087
x-xss-protection: 0
last-modified: Wed, 13 May 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 May 2020 13:27:50 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Apr 2020 21:54:13 GMT
server: Golfe2
age: 2955
date: Wed, 13 May 2020 12:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18433
expires: Wed, 13 May 2020 14:38:35 GMT

GET
H2 200 m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
js.stripe.com/v3/ Frame 8B22 0
0 81ms
79ms Document
text/html 54.230.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.183.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-25.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-a0f6c1465b8d9aab778cf2913d1d3c86.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 238
x-amz-id-2: Sc4MReTF+1k+k/r3zRFkL/x9Cc4ObNxS484glJXOgqrLp+QNYGGM5O+DFMddoq9JmYEOuSXSmfM=
x-amz-request-id: AE817FEA5168BF98
last-modified: Fri, 28 Feb 2020 23:42:06 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Wed, 13 May 2020 13:25:30 GMT
etag: "a0f6c1465b8d9aab778cf2913d1d3c86"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 135eb6368d07b066aff0760ea5228bab.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: BGyshdHaskQ0sEB11PwVFMPK8m-Laik_KHmM_z5uWXEi-XiSexDY5A==
age: 141

GET
H2 200 Untitled_design_%284%29.png
d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/040/383/large/ 521 KB
522 KB 674ms
545ms Image
image/png 13.224.196.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d35ligi1n5bgzc.cloudfront.net/backgrounds/images/000/040/383/large/Untitled_design_%284%29.png
Requested by: Host: secure.conservative.org
URL: https://secure.conservative.org/assets/application-landing-page-d6c9cf0e04820a51423369cdff2ba4799a3cc5d5db0b1b91ef7fc4367e6338db.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.107 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-196-107.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b388df2fd13aa4e04c0e5d5c41113113fccf67a51860b11d470f9b49dddf75c

Request headers

Referer: https://secure.conservative.org/stylesheets/rv_page_QBjdUBvURQ6Z5FHkG8PFSbKS/1588951799.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 13 May 2020 13:27:52 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified: Wed, 06 May 2020 19:32:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "88a107a4228187c8561b4b14b4e5a391"
x-cache: Miss from cloudfront
x-amz-version-id: PLWkmbbmhWyzX8uXTZgX.CObCxCgz_kU
status: 200
accept-ranges: bytes
content-type: image/png
content-length: 533817
x-amz-cf-id: BLxVf-riELjR6oEHfV1V41lT_NRxAj3DMRzy4uTmpg2zQlfCnDuHFA==

GET
H2 200 icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png
secure.conservative.org/assets/ 290 B
553 B 27ms
27ms Image
image/webp 2606:4700:10::6814:443
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.conservative.org/assets/icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.png

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/assets/application-landing-page-d6c9cf0e04820a51423369cdff2ba4799a3cc5d5db0b1b91ef7fc4367e6338db.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:443 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/assets/landing_page-d0551ed99e8beb4103b4e6414e85889f93b804ed41918237f504f290d899f81a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:50 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 56991
cf-polished: origFmt=png, origSize=560
status: 200
content-disposition: inline; filename="icon-dropdown-background-52b35865280d33e30f9708871085b8db6862e75bc159d6e8e3cd77af6c36bdde.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
content-length: 290
cf-request-id: 02afd166b50000d6d5920a4200000001
expires: Sat, 11 May 2030 13:27:50 GMT
last-modified: Wed, 29 Apr 2020 19:38:41 GMT
server: cloudflare
etag: "5ea9d7c1-230"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
access-control-allow-methods: GET, PUT, POST, DELETE
content-type: image/webp
access-control-expose-headers: ETag
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 592cb81def91d6d5-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 controller-13d62d56f712a1c3187f2e960e3812ea.html
js.stripe.com/v3/ Frame E359 0
0 81ms
81ms Document
text/html 54.230.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-13d62d56f712a1c3187f2e960e3812ea.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.183.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-25.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/controller-13d62d56f712a1c3187f2e960e3812ea.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 345
x-amz-id-2: jj/ZiZaq00n9MnXcp7LvxnlWYoeihEVwbhl/xJ16bCxorio/8nyWxwASnjA7VXJVunPCJvf813k=
x-amz-request-id: 0B4585345D014EFF
last-modified: Tue, 12 May 2020 22:55:03 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
date: Wed, 13 May 2020 13:23:44 GMT
etag: "13d62d56f712a1c3187f2e960e3812ea"
cache-control: public, max-age=300
x-cache: Hit from cloudfront
via: 1.1 135eb6368d07b066aff0760ea5228bab.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: kOmic6vu5DA4Gk1mLVe6o0xwLI02z47jED4TMvywnurTQf2D7RFYsw==
age: 248

GET
H2 200 elements-inner-card-5d27dc4b01f07cd0b875991391dc66cc.html
js.stripe.com/v3/ Frame 5237 0
0 106ms
105ms Document
text/html 54.230.183.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-5d27dc4b01f07cd0b875991391dc66cc.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.230.183.25 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-54-230-183-25.ham50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/elements-inner-card-5d27dc4b01f07cd0b875991391dc66cc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Response headers

status: 200
content-type: text/html; charset=utf-8
x-amz-id-2: EDtkGLPFTMM9Okxn+83kuQzlgFmaS0Y3W/kBhDT6h5ZIsMqvERaUIp8NWSSKfJdV3E5sIXBEuJM=
x-amz-request-id: F06A05535CD6516B
last-modified: Tue, 12 May 2020 22:55:03 GMT
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Wed, 13 May 2020 13:23:08 GMT
cache-control: public, max-age=300
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 135eb6368d07b066aff0760ea5228bab.cloudfront.net (CloudFront)
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: pxndW8ij-U_g3oLpVzM92izjfPiPHMxf8kF6ZkkgroHx-SHdca8YzQ==
age: 287

GET current_with_info
app.revv.co/api/v3/users/ 0
0

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/12/ 77 KB
28 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/12/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

577883ab78d528858b4661d48c37c13fef4d1a5d3ead50c068bdd7a0006b6a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 21:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 00:16:31 GMT
server: sffe
age: 58566
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29052
x-xss-protection: 0
expires: Wed, 12 May 2021 21:11:45 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/12/ 144 KB
53 KB 20ms
17ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/12/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f6a9caa0a8dc7e1fe441797afed2828f72d394d008b780492b8bc00d7d31b0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 11 May 2020 22:13:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 00:16:31 GMT
server: sffe
age: 141290
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54116
x-xss-protection: 0
expires: Tue, 11 May 2021 22:13:01 GMT

GET
H2 200 controls.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/12/ 208 KB
56 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/12/controls.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a70d9579e7fd852be62402e9d6ab4bc05eddf58add75b5deea9a275c0d81bfac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 19:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 00:16:31 GMT
server: sffe
age: 581611
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57602
x-xss-protection: 0
expires: Thu, 06 May 2021 19:54:20 GMT

GET
H2 200 places_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/40/12/ 42 KB
16 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/40/12/places_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2606683f53fa9bfc6811cf720c8e01e8c90baef0d85d67500742b2e2227169de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 06 May 2020 19:54:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 May 2020 00:16:31 GMT
server: sffe
age: 581611
vary: Accept-Encoding, Origin
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16488
x-xss-protection: 0
expires: Thu, 06 May 2021 19:54:20 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2071520408&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_gid=1066818393.1589376471&gjid=775644980&_v=j82&z=736569215
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_v=j82&z=736569215
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_v=j82&z=736569215&slf_rd=1&random=2511030167

42 B
106 B

18ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_v=j82&z=736569215&slf_rd=1&random=2511030167

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 13:27:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 May 2020 13:27:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-60167497-5&cid=144775466.1589376471&jid=1287650329&_v=j82&z=736569215&slf_rd=1&random=2511030167
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j82&a=2071520408&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_gid=1066818393.1589376471&gjid=24323707&_v=j82&z=2114247533
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_v=j82&z=2114247533
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_v=j82&z=2114247533&slf_rd=1&random=728564169

42 B
106 B

29ms
28ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_v=j82&z=2114247533&slf_rd=1&random=728564169

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 13:27:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 13 May 2020 13:27:51 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-73658561-7&cid=144775466.1589376471&jid=1962544922&_v=j82&z=2114247533&slf_rd=1&random=728564169
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: as.adsoniris.com
URL: http://as.adsoniris.com/click/2/7318/308099fe6006d56de1c2b1a26a4c969e/101299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: Y5QFEUCY/InvXtXx33eOWdQkfqla7Dy+H/ajdPxqzH1+LRYWXxW5DuyAGpJeycr3ZE911iLSPWRdqB81I0PjTg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 13 May 2020 13:27:51 GMT, Wed, 13 May 2020 13:27:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 powered-by-google-on-white3.png
maps.gstatic.com/mapfiles/api-3/images/ 2 KB
2 KB 49ms
46ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/powered-by-google-on-white3.png

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1616
x-xss-protection: 0
expires: Wed, 13 May 2020 13:27:51 GMT

GET
H2 200 autocomplete-icons.png
maps.gstatic.com/mapfiles/api-3/images/ 3 KB
3 KB 51ms
48ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/api-3/images/autocomplete-icons.png

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:51 GMT
x-content-type-options: nosniff
last-modified: Thu, 17 Oct 2019 23:15:00 GMT
server: sffe
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3351
x-xss-protection: 0
expires: Wed, 13 May 2020 13:27:51 GMT

GET
H2 200 2518396198442315 Show response
connect.facebook.net/signals/config/ 475 KB
120 KB 73ms
53ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2518396198442315?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d62c92f81813b8174252cbc3099ec62cfd38c9887b0bb59dc2ad02b3ef64faf3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 0oHUjhja+0bxuhn5z1xILBjfjCEMBEjC3ng6n3JQlT6FukoYzJfCTmmi6tDkzQigZCK+VyiEz+AhkXcJNko1Iw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 13 May 2020 13:27:51 GMT, Wed, 13 May 2020 13:27:51 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
253 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2518396198442315&ev=PageView&dl=https%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_content%3D20200508_Newsletter%26utm_medium%3Demail%26utm_source%3DAE&rl=http%3A%2F%2Fas.adsoniris.com%2Fclick%2F2%2F7318%2F308099fe6006d56de1c2b1a26a4c969e%2F101299&if=false&ts=1589376471635&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589376471634.94792027&it=1589376471505&coo=false&rqm=GET

Requested by

Host: secure.conservative.org
URL: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 13 May 2020 13:27:51 GMT, Wed, 13 May 2020 13:27:51 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 13 May 2020 13:27:51 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
79 B 6ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYV84G39Xze6z6HTs

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 13 May 2020 13:27:52 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://secure.conservative.org
access-control-allow-credentials: true
alt-svc: h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 collect
www.google-analytics.com/ 35 B
105 B 8ms
8ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j82&a=2071520408&t=timing&_s=2&dl=https%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_content%3D20200508_Newsletter%26utm_medium%3Demail%26utm_source%3DAE&dr=http%3A%2F%2Fas.adsoniris.com%2Fclick%2F2%2F7318%2F308099fe6006d56de1c2b1a26a4c969e%2F101299&ul=en-us&de=UTF-8&dt=Donate%20Today!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&plt=2633&pdt=11&dns=0&rrt=467&srt=175&tcp=30&dit=1166&clt=1166&_gst=1163&_gbt=1660&_cst=796&_cbt=1745&_u=aGDACEABB~&jid=&gjid=&cid=144775466.1589376471&tid=UA-60167497-5&_gid=1066818393.1589376471&z=22559157

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Apr 2020 12:50:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2767060
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 10ms
8ms Image
image/gif 2a00:1450:4001:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Apr 2020 12:50:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2767060
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 233 B
260 B 30ms
27ms Script
text/javascript 2a00:1450:4001:817::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fsecure.conservative.org%2Ftucker-carlson%2F%3Famount%3D30%26utm_campaign%3D20200508_AE_ACU%26utm_content%3D20200508_Newsletter%26utm_medium%3Demail%26utm_source%3DAE&4sAIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&callback=_xdc_._1sgwo9&key=AIzaSyAy0kD_qWlvwPwUm8rEqw8VqasaKCwd3I4&token=117989

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/40/12/common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

cccc586bb123e2a9ad44fd12124037590d0890eb6dfc804f45d9631cc3e63234

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 May 2020 13:27:55 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=13
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: app.revv.co
URL: https://app.revv.co/api/v3/users/current_with_info?organization_token=rv_org_Zu9RNCr57ejJNbJLhE7pUadc

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.conservative.org/	1970-01-19 09:31:02	Name: _gid Value: GA1.2.1066818393.1589376471
.conservative.org/	1970-01-20 03:00:48	Name: _ga Value: GA1.2.144775466.1589376471
secure.conservative.org/	1969-12-31 23:59:59	Name: origin_url Value: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE
.conservative.org/	1970-01-19 11:39:12	Name: _fbp Value: fb.1.1589376471634.94792027
.secure.conservative.org/	1970-01-19 09:29:38	Name: __stripe_sid Value: 744be23d-2626-4175-b690-844052e67687
.secure.conservative.org/	1970-01-19 18:15:12	Name: __stripe_mid Value: 61c07175-ab83-4972-9296-d94b5228a11f
.conservative.org/	1969-12-31 23:59:59	Name: _revv_v3_session Value: NUJmMG50amIwOWN1eGpIQ3h0RFl5REtpRHpFNXNNUG5JeEZaNmJXSU5PMVdjQU5WU0t3NXFTQ3M3cXdNM2hLQStrRm14dkp3L1h3a0R2WUFWc21zTkhOUHc4MGJDRjNIMUxBUEpNQ0MzcFNHNmRkMk83UnMzNWxvYmV2STlyRzcxR3BJcitpWGdUYUhpL05XV2dQanZCM05heWVndHpHRytUMXprcUIyRTdnQzJUaWFLUUNSdytsbFIxdkg5MFVETG5MOWxmdlljdGRyeWF4a3VxRDA4MW5nZzhzb0NHcXZoS2xHYTJkOXllek5GQ1E5YTgzeE92TEY1aEJHb0RKUkxQQXVEUzNpMk13NnVHK24zMVZzVmthM3BWRFV1Z1lONWhRcmtiMk1MSklGaHZheDRaNjlkQnhRNUpNSFBBRzAzQmM1d1dtRFVNOVp3b21JdGc3SDk3dmdJNjJPWk9PbDBhM05qd0pOR0dXL0tGYzdWSzlVMy9PeDZpVkdoQVdaYlFnZDBTc2ozK1VqYzdGUU80QVZ6Zz09LS1SK2x5TUl4Umw2ZDhQWVRvM0FjRW13PT0%3D--0871ca9f278d701d1d4009b0842bef9c4fe9253a
.conservative.org/	1970-01-19 09:29:36	Name: _gat_UA-73658561-7 Value: 1
.conservative.org/	1970-01-19 09:29:36	Name: _gat Value: 1
.secure.conservative.org/	1970-01-19 09:29:38	Name: __cf_bm Value: d0a36065c51b485424ecb98c5cba230b6b83084f-1589376469-1800-AX7lkKlaIIPF1it8EPpiQatjvm1KudlQHBEhaITrRdwCMKu/Qo5/DphHvZE/2Z1sD1b+cu91vBKhR4YEDQc9rdA=
.secure.conservative.org/	1970-01-19 10:12:48	Name: __cfduid Value: d8fae3a9ede0260bad01dfa703679f9f51589376469

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://js.honeybadger.io/v2.1/honeybadger.min.js(Line 1) Message: Google Maps JavaScript API error: RefererNotAllowedMapError https://developers.google.com/maps/documentation/javascript/error-messages#referer-not-allowed-map-error Your site URL to be authorized: https://secure.conservative.org/tucker-carlson/?amount=30&utm_campaign=20200508_AE_ACU&utm_content=20200508_Newsletter&utm_medium=email&utm_source=AE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.revv.co
as.adsoniris.com
connect.facebook.net
d35ligi1n5bgzc.cloudfront.net
images.passendo.com
js.honeybadger.io
js.stripe.com
maps.googleapis.com
maps.gstatic.com
news.presscorp.org
px.powerlinks.com
secure.conservative.org
stats.g.doubleclick.net
sync.1rx.io
sync.mathtag.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
app.revv.co
13.224.196.107
185.29.132.21
213.19.147.150
2606:4700:10::6814:443
2a00:1450:4001:800::2003
2a00:1450:4001:801::2008
2a00:1450:4001:806::2003
2a00:1450:4001:817::200a
2a00:1450:4001:817::200e
2a00:1450:4001:81e::2004
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
40.113.136.100
52.200.146.93
52.212.220.130
52.222.182.9
54.230.183.25
54.76.119.149
0ba22b188169ce72469690995c5c929ff31ce46e151a4a1c795df20207ffde9b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b388df2fd13aa4e04c0e5d5c41113113fccf67a51860b11d470f9b49dddf75c
2606683f53fa9bfc6811cf720c8e01e8c90baef0d85d67500742b2e2227169de
2f1fd973e6c48489ae07c467e3278635b856c698d1f502e06af3ab555937deac
3b57e8be72dbf3fa44171fc9655a92ee7595c73e6a10660dd69560901a82411d
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
513df19904398106da5646917f25c2e55ad0c614d7c2bda86f528264407ba644
54dfbb3703e21e7f6c39b128067425a552070324d47063319ee64b1677e97dcf
577883ab78d528858b4661d48c37c13fef4d1a5d3ead50c068bdd7a0006b6a29
5a0eefd6194940c9c177a9c2f0ceb65d2682db9676ccdc588ed530be1e269d8d
6ba91158d070230db54e4ce901bbc3c561a12268049795c07ebb188c06527471
73927b362554f187011657f2ea58d8e1f113a5fdb286643b9f98f160c347eab2
794c51b882c6565bb5e974b86c1832db5ca2bd95d3edb4a8838bf062c0642f37
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
878e27a1acb68dd3fe37aceec3b06640326074aba186d806e493bdd66d2a73cb
8f6a9caa0a8dc7e1fe441797afed2828f72d394d008b780492b8bc00d7d31b0c
96b04ef160f8b50520a48707a452fecdd6e6771c643706d5949020a2dea15962
a70d9579e7fd852be62402e9d6ab4bc05eddf58add75b5deea9a275c0d81bfac
ca57fd1719a702ae953557265b612b37ae97d42c5c15b9c61c2662b64f70e7a8
cccc586bb123e2a9ad44fd12124037590d0890eb6dfc804f45d9631cc3e63234
cd80d0dcb2a44bd30c11fcdf13d4c280f336dad9442ee7da79146f2bb77381a4
d62c92f81813b8174252cbc3099ec62cfd38c9887b0bb59dc2ad02b3ef64faf3
db209390b90b70f4b1ef3540cb581e4ec8edbba21980971b68e4aef5c5d352fb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb9ccd2faa476900c0fef5a30b1461b9fd4a531926cd6801f7395ca7d4a69d35

secure.conservative.org Open in urlscan Pro 2606:4700:10::6814:443 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

35 Requests

94 %HTTPS

53 %IPv6

20 Domains

20 Subdomains

15 IPs

6 Countries

1174 kBTransfer

2853 kBSize

11 Cookies

3 Outgoing links

Page URL History

Redirected requests

35 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

secure.conservative.org Open in urlscan Pro
2606:4700:10::6814:443 Public Scan

Screenshot
Live screenshot

Full Image

35
Requests

94 %
HTTPS

53 %
IPv6

20
Domains

20
Subdomains

15
IPs

6
Countries

1174 kB
Transfer

2853 kB
Size

11
Cookies

35 HTTP transactions
0 data transactions