urlscan.io logo urlscan.io
SecurityTrails logo

act.nrcc.org Open in urlscan Pro
35.203.178.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ct12.thegopemail.com/t/13257909/483709310/209647/2/
Effective URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&u...
Submission Tags: falconsandbox
Submission: On March 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 6 countries across 19 domains to perform 67 HTTP transactions. The main IP is 35.203.178.34, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is act.nrcc.org.
TLS certificate: Issued by R3 on March 9th 2022. Valid for: 3 months.
This is the only time act.nrcc.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    8.224.216.30 (United States)

ASN3356 (LEVEL3, US)
PTR: smtpl4-30-unassigned.dmsgs.com
ct12.thegopemail.com
29    35.203.178.34 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 34.178.203.35.bc.googleusercontent.com
act.nrcc.org
2    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
1    151.101.192.217 (United States)

ASN54113 (FASTLY, US)
player.vimeo.com
2    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net
www.googleadservices.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:223c:a400:b:6268:b880:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn1.lockerdomecdn.com
4    3.226.212.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-212-93.compute-1.amazonaws.com
tags.srv.stackadapt.com
3    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4010:c01::5e (Lappeenranta, Finland)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)
static.addtoany.com
Apex Domain
Subdomains		 Transfer
29 nrcc.org
act.nrcc.org
505 KB
4 google.de
www.google.de — Cisco Umbrella Rank: 3714
871 B
4 google.com
www.google.com — Cisco Umbrella Rank: 20
871 B
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 61
stats.g.doubleclick.net — Cisco Umbrella Rank: 163
5 KB
4 stackadapt.com
tags.srv.stackadapt.com — Cisco Umbrella Rank: 4325
6 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 132
137 KB
2 addtoany.com
static.addtoany.com — Cisco Umbrella Rank: 4673
27 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 188
114 KB
2 yimg.com
s.yimg.com — Cisco Umbrella Rank: 502
7 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 98
20 KB
2 gstatic.com
fonts.gstatic.com
20 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 81
51 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
1 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1011
719 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 94
297 B
1 lockerdomecdn.com
cdn1.lockerdomecdn.com — Cisco Umbrella Rank: 15256
9 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110
15 KB
1 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2437
7 KB
1 thegopemail.com
ct12.thegopemail.com
932 B
67 19
Domain Requested by
29 act.nrcc.org act.nrcc.org
4 www.google.de act.nrcc.org
4 www.google.com act.nrcc.org
4 tags.srv.stackadapt.com act.nrcc.org
tags.srv.stackadapt.com
3 googleads.g.doubleclick.net www.googleadservices.com
3 www.googletagmanager.com act.nrcc.org
www.googletagmanager.com
2 static.addtoany.com act.nrcc.org
static.addtoany.com
2 connect.facebook.net act.nrcc.org
connect.facebook.net
2 s.yimg.com act.nrcc.org
s.yimg.com
2 www.google-analytics.com www.googletagmanager.com
act.nrcc.org
2 fonts.gstatic.com fonts.googleapis.com
2 www.youtube.com act.nrcc.org
www.youtube.com
2 fonts.googleapis.com act.nrcc.org
1 stats.g.doubleclick.net www.google-analytics.com
1 sp.analytics.yahoo.com act.nrcc.org
1 www.facebook.com act.nrcc.org
1 cdn1.lockerdomecdn.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 player.vimeo.com act.nrcc.org
1 ct12.thegopemail.com 1 redirects
67 20

This site contains links to these domains. Also see Links.

Domain
nrcc.org
secure.winred.com
www.nrcc.org
www.addtoany.com
Subject Issuer Validity Valid
act.nrcc.org
R3		 2022-03-09 -
2022-06-07		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.vimeo.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-07 -
2023-04-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-14 -
2022-05-04		 2 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-05 -
2022-04-05		 3 months crt.sh
*.lockerdomecdn.com
Amazon		 2022-01-25 -
2023-02-23		 a year crt.sh
*.srv.stackadapt.com
Amazon		 2021-11-09 -
2022-12-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-15 -
2022-09-07		 6 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-05 -
2022-07-04		 a year crt.sh

This page contains 2 frames:

Primary Page: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Frame ID: 88DD67507AB54A18344F695FFAEDB56F
Requests: 66 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: FE1D799F0256CDD9CCF8FA1A0467D817
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Wish President Trump a Happy Birthday!

Page URL History Show full URLs

  1. http://ct12.thegopemail.com/t/13257909/483709310/209647/2/ HTTP 302
    https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_me... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • addtoany\.com/menu/page\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

67
Requests

100 %
HTTPS

70 %
IPv6

19
Domains

20
Subdomains

19
IPs

6
Countries

927 kB
Transfer

2124 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ct12.thegopemail.com/t/13257909/483709310/209647/2/ HTTP 302
    https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
act.nrcc.org/happy-birthday-trump/
Redirect Chain
  • http://ct12.thegopemail.com/t/13257909/483709310/209647/2/
  • https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_...
32 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
fef1b521f8b08256e1bd8f1e7d19e47b7d1d559eba46f46e3ff1fe26750dc4ed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Tue, 29 Mar 2022 12:47:42 GMT
content-type
text/html; charset=UTF-8
content-length
8150
link
<https://act.nrcc.org/wp-json/>; rel="https://api.w.org/" <https://act.nrcc.org/wp-json/wp/v2/pages/665>; rel="alternate"; type="application/json" <https://act.nrcc.org/?p=665>; rel=shortlink
vary
Accept-Encoding
content-encoding
gzip
x-powered-by
WP Engine
x-pass-why
custom-args

Redirect headers

Date
Tue, 29 Mar 2022 12:47:41 GMT
Connection
Close
Content-Type
text/html
Content-Length
418
Location
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
URI
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
style.min.css
act.nrcc.org/wp-includes/css/dist/block-library/ 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/css/dist/block-library/style.min.css?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Thu, 17 Feb 2022 19:42:26 GMT
server
nginx
etag
W/"620ea522-145a9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		2 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:500
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d7b72fcd164aa35ce633554422a56ae9c32268e6da508b5cebc01065938fa5ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 11:06:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 12:47:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 12:47:42 GMT
ss-social-regular.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ss-social-regular.css?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c92c978bb851baf62c3d8ded46de8fb80c528974558f2e1c4a82f541f294e60e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-1293"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
animate.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ 		71 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/animate.css?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0dd2d4b7b81e26f5459b1f9f8ee51c72b87aa90d55033f686b827d582a2481dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-11c23"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/theme.css?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6adb862ed444b85e22319d7377735f5986e268291c669683c085b97d4f0a4e67

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 13 Nov 2018 20:26:18 GMT
server
nginx
etag
W/"5beb336a-2fb5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
magnific-popup.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/magnific-popup.css?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-1b27"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
readyclass.min.css
act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/ 		30 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/readyclass.min.css?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-781d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
formsmain.min.css
act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/ 		78 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/formsmain.min.css?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
57105f0d09b065648031b4127971f8e91e9d8c40e8a25362c36adcc2ca6000d3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-139e5"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
gf-fix.css
act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/ 		2 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/css/gf-fix.css?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
232307a0287be057f360eb5f35569b69a0fddbf67aa4deb29765b90cc827f595

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-877"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
formreset.min.css
act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/ 		4 KB
600 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/formreset.min.css?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:42 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-f14"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
browsers.min.css
act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/legacy/css/browsers.min.css?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-20d7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
css
fonts.googleapis.com/ 		2 KB
617 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Arial%3A400%7COswald&subset=latin&ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 12:47:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 12:47:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 12:47:43 GMT
ss-social.js
act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ss-social.js?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
cadb7853e242146c5699c0427f90a6bde213dd65d3105b81040fa558c7d739d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-12ad"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.min.js
act.nrcc.org/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 15:07:24 GMT
server
nginx
etag
W/"6048e0ac-15db1"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
act.nrcc.org/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Wed, 18 Nov 2020 09:06:06 GMT
server
nginx
etag
W/"5fb4e3fe-2bd8"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.magnific-popup.js
act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ 		41 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/jquery.magnific-popup.js?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-a302"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
site.js
act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/site.js?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6f2b785fb3851ad36305fb9ef324ab37d3411fdb0ac21ea1e3da28f256308217

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 30 Jan 2018 23:28:21 GMT
server
nginx
etag
W/"5a70ff95-3c27"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.json.min.js
act.nrcc.org/wp-content/plugins/gravityforms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-738"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
gravityforms.min.js
act.nrcc.org/wp-content/plugins/gravityforms/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fec6316e6e45e87432cfa9e4ba33f024e8f33d3de07586aa3d1853d9873824fe

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-aba9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/ 		102 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-815133722
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a107c884ebed73c63dcc5d1519f536ee87f34ab117c5164e26864ebf52f31150
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41302
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Mar 2022 12:47:43 GMT
House-Republicans-Logo-01-1.png
act.nrcc.org/wp-content/uploads/2021/03/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.nrcc.org/wp-content/uploads/2021/03/House-Republicans-Logo-01-1.png
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
916089ff48d67576a9fdef763d7d227ac92f93353e82cee685bf002f35a681d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
last-modified
Fri, 19 Mar 2021 18:52:23 GMT
server
nginx
etag
"6054f2e7-461a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
17946
2021_Trump-Birthday-Card_Act-Page_2560x1440-01-1.png
act.nrcc.org/wp-content/uploads/2021/05/ 		343 KB
343 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://act.nrcc.org/wp-content/uploads/2021/05/2021_Trump-Birthday-Card_Act-Page_2560x1440-01-1.png
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
1657cedfea9ceef327dcf65648079df9af9b1b1ebe20d89ea4e5b5ea666baab3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
last-modified
Wed, 12 May 2021 16:45:02 GMT
server
nginx
etag
"609c060e-55aeb"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
350955
comment-reply.min.js
act.nrcc.org/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/comment-reply.min.js?ver=5.9.2
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Mon, 01 Nov 2021 21:47:13 GMT
server
nginx
etag
W/"61806061-ba3"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
regenerator-runtime.min.js
act.nrcc.org/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 16:35:13 GMT
server
nginx
etag
W/"61928c41-195e"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-polyfill.min.js
act.nrcc.org/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
etag
W/"61925789-4b3d"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
dom-ready.min.js
act.nrcc.org/wp-includes/js/dist/ 		1 KB
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Thu, 27 May 2021 00:17:06 GMT
server
nginx
etag
W/"60aee502-4e9"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
hooks.min.js
act.nrcc.org/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
etag
W/"61925789-163a"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
i18n.min.js
act.nrcc.org/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
etag
W/"61925789-28a7"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
a11y.min.js
act.nrcc.org/wp-includes/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Mon, 15 Nov 2021 12:50:17 GMT
server
nginx
etag
W/"61925789-bfd"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.maskedinput.min.js
act.nrcc.org/wp-content/plugins/gravityforms/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/js/jquery.maskedinput.min.js?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
79ebaa6574842c7ac356bc54fe5646115e56a29743405205f685eae70978627c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-108c"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
placeholders.jquery.min.js
act.nrcc.org/wp-content/plugins/gravityforms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://act.nrcc.org/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.9
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.203.178.34 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
34.178.203.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
last-modified
Tue, 24 Aug 2021 14:51:30 GMT
server
nginx
etag
W/"61250772-121f"
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
iframe_api
www.youtube.com/ 		980 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/site.js?ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c25be056dab4195e5e7e64a5880036521e6ccb3a7da1d6157c51394eb62af0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
expires
Tue, 29 Mar 2022 12:47:43 GMT
player.js
player.vimeo.com/api/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/api/player.js
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/site.js?ver=5.9.2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c973bdd65f848dff89ec0cbee8716a2449fe526c0b630d5a0e23ab350d8db2ed
Security Headers
Name Value
Content-Security-Policy default-src 'none'; style-src 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

X-Varnish-Cache
0
Content-Security-Policy
default-src 'none'; style-src 'unsafe-inline'
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Age
624
X-Cache
HIT
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
Content-Encoding
gzip
X-VServer
infra-playproxy-b-14
Content-Length
5957
X-Xss-Protection
1; mode=block
X-Served-By
cache-hhn4042-HHN
X-Player-Backend
p
Expires
Tue, 29 Mar 2022 13:07:19 GMT
Server
nginx
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Timer
S1648558063.471628,VS0,VE0
Date
Tue, 29 Mar 2022 12:47:43 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
X-Cache-Hits
1586
gtm.js
www.googletagmanager.com/ 		172 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7f06d0ff6a2e1b27b0ef81bf37d7248b151abd19d2762dbaefdc3a561407a78d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60773
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Mar 2022 12:47:43 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Arial%3A400%7COswald&subset=latin&ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.nrcc.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 23:35:54 GMT
x-content-type-options
nosniff
age
393109
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9828
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:03:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Mar 2023 23:35:54 GMT
TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
fonts.gstatic.com/s/oswald/v47/ 		10 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v47/TK3_WkUHHAIjg75cFRf3bXL8LICs18NvsUZiZQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9e610fb6ac16f917482ef17f14b32761e74d94463ddd22d25e63e1fc8b1aacd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://act.nrcc.org
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Thu, 24 Mar 2022 23:36:59 GMT
x-content-type-options
nosniff
age
393044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10216
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:18:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Mar 2023 23:36:59 GMT
www-widgetapi.js
www.youtube.com/s/player/3a393eba/www-widgetapi.vflset/ 		151 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/3a393eba/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52b99570f47b19d1937f1ac1fba9a41b9b834d5f4af0f03b216e335d5a81db83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:35:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
706
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50119
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 00:15:16 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 29 Mar 2023 12:35:57 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-815133722
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f2.1e100.net
Software
cafe /
Resource Hash
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14883
x-xss-protection
0
server
cafe
etag
14534967036905587165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 12:47:43 GMT
js
www.googletagmanager.com/gtag/ 		92 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=DC-9232116
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6adf1682559f92e9d0b4a6d72b9db7c4e48bff51282ba381cd8f0be5e098e0e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37347
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Mar 2022 12:47:43 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2577
date
Tue, 29 Mar 2022 12:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 29 Mar 2022 14:04:46 GMT
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 29 Mar 2022 12:33:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
844
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5748
x-amz-id-2
TNPMs6Wg+QXipe/roG0fFlSRz1gwA0h9+QeiE1k0Xq9U1p5DvCWIJhWXp16j2XG1b2u1zIVGatI=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 22 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 17 Jan 2022 12:00:39 GMT
server
ATS
etag
"13a189bb8f25228852b3279db3659c28-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
1W0TECDR73GPCMV1
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
pAIvW1wzOXi43b8v53GVflu.j8ZqoXS3
accept-ranges
bytes
content-type
application/javascript
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
Z1Krv/cUJta3oeWvPaEmpZpCB7uOWKEcputZ3zbxV2FqAnK7F7tUsqGVoxjUokMkUySEbnKCkBHE5/jw9/k5bA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 29 Mar 2022 12:47:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
nationalmediadigital_lander.js
cdn1.lockerdomecdn.com/tracking/ 		9 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/tracking/nationalmediadigital_lander.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5F48L7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:a400:b:6268:b880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1bf6c06e8e4e5bb209dfdc45c15af0527025b764fe353012ee3f8d54dcf19d56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

x-amz-version-id
7z8u3UmM1Ng1O8ww2gvzoxrRek4UxT7S
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
last-modified
Wed, 27 Oct 2021 21:59:44 GMT
server
AmazonS3
age
35744
etag
"d9e4cc8485968881201d90d359a926b1"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Tue, 29 Mar 2022 02:51:59 GMT
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
9127
x-amz-cf-id
rHvkOt60PkwwoZP8gpTrZlE8tsDoxR2qc9VX5iX-SHs36z5Tv8CLJA==
events.js
tags.srv.stackadapt.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/events.js
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.212.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-212-93.compute-1.amazonaws.com
Software
/
Resource Hash
7b220f426ba8f6ac0682f685b177ba6da5aa60e7d1bc612d002200d5c470a224

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 12:47:44 GMT
Content-Encoding
gzip
Cache-Control
max-age=30
Content-Length
4435
Connection
keep-alive
Content-Type
text/javascript
316720908987052
connect.facebook.net/signals/config/ 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/316720908987052?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bb7da0994831b5b39def8d13cd92b169e293a385dc9722f5774bb1cb93bfd460
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ge+7JzNEHfNwa88nOVswrQpT2F2iZo+I11QxbCxf6MzITLzKzY3WIT+bAryQKLqS4aTCi2xia7tIFJCxtAhV3g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 29 Mar 2022 12:47:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
10148631.json
s.yimg.com/wi/config/ 		46 B
682 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10148631.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
7802514279d805a825923d8ff3b2746e3fa7d4c719d791292b6f860bc2acf20d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
age
0
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
72CS5RRVF6MCMAS1
x-amz-id-2
IiLuDwVIY8M3GywPywgcKcdFH1I2sRHwgA8LugyMmDHxslSrIaixuA8VRtQNL5DI8mKtj60+ZZI=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 21 Apr 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 16 Mar 2021 21:40:26 GMT
server
ATS
etag
"d858dce265978fc7a1a7968464b2fe67"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
N.HJs8PUS0Jb0spThXPpZMLOlS2fnzOy
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/octet-stream
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1648558063181&cv=9&fst=1648558063181&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3n1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
545cee78de8ea923026bfa3bcdb188b65aa99b2dbbd027b4e220051068e02d70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1180
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1648558063186&cv=9&fst=1648558063186&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
737753409412808a233ebb465d51885c1cf9c4f724dc2fcb7ec5d6c513b439f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1159
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/815133722/?random=1648558063228&cv=9&fst=1648558063228&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3n1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f474b1a6f9051de7391f8ab09aae5000f43b36b10c79900824be74ac35fe6c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1177
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=316720908987052&ev=PageView&dl=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&rl=&if=false&ts=1648558063243&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=29&fbp=fb.1.1648558063241.91682446&it=1648558063095&coo=false&exp=p1&rqm=GET
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 29 Mar 2022 12:47:43 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
719 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2029%20Mar%202022%2012%3A47%3A43%20GMT&n=0&b=Wish%20President%20Trump%20a%20Happy%20Birthday!&.yp=10148631&f=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&enc=UTF-8&yv=1.12.0&tagmgr=gtm
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
43
referrer-policy
strict-origin-when-cross-origin
expires
Tue, 29 Mar 2022 12:47:44 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15267911-1&cid=887175446.1648558063&jid=747309278&gjid=1174145259&_gid=1608902485.1648558063&_u=YGBAiEABBAAAAE~&z=885895355
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act.nrcc.org/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Mar 2022 12:47:44 GMT
content-type
text/plain
access-control-allow-origin
https://act.nrcc.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=479299055&t=pageview&_s=1&dl=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&ul=en-us&de=UTF-8&dt=Wish%20President%20Trump%20a%20Happy%20Birthday!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=747309278&gjid=1174145259&cid=887175446.1648558063&tid=UA-15267911-1&_gid=1608902485.1648558063&gtm=2wg3n15F48L7&z=176232790
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Mar 2022 16:32:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72912
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/815133722/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/815133722/?random=1648558063181&cv=9&fst=1648555200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&fmt=3&is_vtc=1&random=3355012955&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/815133722/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/815133722/?random=1648558063181&cv=9&fst=1648555200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&fmt=3&is_vtc=1&random=3355012955&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c01::5e Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/815133722/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/815133722/?random=1648558063186&cv=9&fst=1648555200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&fmt=3&is_vtc=1&random=1550085462&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/815133722/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/815133722/?random=1648558063186&cv=9&fst=1648555200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg3n1&sendb=1&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&fmt=3&is_vtc=1&random=1550085462&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c01::5e Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/815133722/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/815133722/?random=1648558063228&cv=9&fst=1648555200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&fmt=3&is_vtc=1&random=151496481&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/815133722/ 		42 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/815133722/?random=1648558063228&cv=9&fst=1648555200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa3n1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&tiba=Wish%20President%20Trump%20a%20Happy%20Birthday!&async=1&fmt=3&is_vtc=1&random=151496481&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c01::5e Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
page.js
static.addtoany.com/menu/ 		72 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/page.js
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/wp-content/themes/nrcc-adsublanding/js/site.js?ver=5.9.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 12:47:44 GMT
via
e1s
x-content-type-options
nosniff
cf-cache-status
HIT
age
97047
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 01 Dec 2021 08:23:25 GMT
server
cloudflare
etag
W/"11ee2-5d2116348919c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=172800
cf-ray
6f38b73c8d199bb8-FRA
cf-bgj
minify
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15267911-1&cid=887175446.1648558063&jid=747309278&_u=YGBAiEABBAAAAE~&z=1294835320
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-15267911-1&cid=887175446.1648558063&jid=747309278&_u=YGBAiEABBAAAAE~&z=1294835320
Requested by
Host: act.nrcc.org
URL: https://act.nrcc.org/happy-birthday-trump/?recurring=true&amount=35&utm_source=PUSA-GOP-XX&utm_medium=EmailProspect&utm_campaign=20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC&utm_content=20200603_NoticeSignPresidentTrumpsBirthdayCard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4010:c01::5e Lappeenranta, Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 12:47:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sm.23.html
static.addtoany.com/menu/ Frame FE1D 		741 B
820 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.addtoany.com/menu/sm.23.html
Requested by
Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/

Response headers

date
Tue, 29 Mar 2022 12:47:44 GMT
content-type
text/html; charset=utf-8
p3p
CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified
Wed, 22 Sep 2021 23:42:51 GMT
etag
W/"2e5-5cc9e128a4c38"
cache-control
max-age=315360000, immutable
vary
Accept-Encoding
via
e4s
cf-cache-status
HIT
age
615931
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6f38b73d1ee8920d-FRA
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sa.css
tags.srv.stackadapt.com/ 		65 B
292 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.css
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.212.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-212-93.compute-1.amazonaws.com
Software
/
Resource Hash
a566dd6ad26343f577982f6e5470a2d978cfd5767ee6327b833b82509a218cd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 12:47:44 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
65
Content-Type
text/css
sa.jpeg
tags.srv.stackadapt.com/ 		0
881 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/sa.jpeg
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.212.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-212-93.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 12:47:44 GMT
Cache-Control
only-if-cached, no-transform, private, max-age=7776000
Connection
keep-alive
Content-Length
651
Content-Type
image/jpeg
saq_pxl
tags.srv.stackadapt.com/ 		94 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.srv.stackadapt.com/saq_pxl?uid=7WlXqkCbytjp_O_OKWgGWg&is_js=true&landing_url=https%3A%2F%2Fact.nrcc.org%2Fhappy-birthday-trump%2F%3Frecurring%3Dtrue%26amount%3D35%26utm_source%3DPUSA-GOP-XX%26utm_medium%3DEmailProspect%26utm_campaign%3D20200603_PUSA-GOP-XX_SignatureRequestedViaNRCC%26utm_content%3D20200603_NoticeSignPresidentTrumpsBirthdayCard&t=Wish%20President%20Trump%20a%20Happy%20Birthday!&host=https://act.nrcc.org&sa_conv_data_css_value=%20%220-418bfbd7-6dbe-48a2-675f-6359af14f6a9%22&sa_conv_data_image_value=ffd8ffe000104a46494600010101006000600000ffdb004300080606070605080707070909080a0c140d0c0b0b0c1912130f141d1a1f1e1d1a1c1c20242e2720222c231c1c2837292c30313434341f27393d38323c2e333432ffdb0043010909090c0b0c180d0d1832211c213232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232323232ffc00011080001000103012200021101031101ffc4001f0000010501010101010100000000000000000102030405060708090a0bffc400b5100002010303020403050504040000017d01020300041105122131410613516107227114328191a1082342b1c11552d1f02433627282090a161718191a25262728292a3435363738393a434445464748494a535455565758595a636465666768696a737475767778797a838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae1e2e3e4e5e6e7e8e9eaf1f2f3f4f5f6f7f8f9faffc4001f0100030101010101010101010000000000000102030405060708090a0bffc400b51100020102040403040705040400010277000102031104052131061241510761711322328108144291a1b1c109233352f0156272d10a162434e125f11718191a262728292a35363738393a434445464748494a535455565758595a636465666768696a737475767778797a82838485868788898a92939495969798999aa2a3a4a5a6a7a8a9aab2b3b4b5b6b7b8b9bac2c3c4c5c6c7c8c9cad2d3d4d5d6d7d8d9dae2e3e4e5e6e7e8e9eaf2f3f4f5f6f7f8f9faffda000c03010002110311003f00f7fa28a2803fffd949b82384267b45567d52a68a6a55d520b9d59ba4
Requested by
Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.226.212.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-226-212-93.compute-1.amazonaws.com
Software
/
Resource Hash
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://act.nrcc.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.84 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 12:47:44 GMT
Access-Control-Allow-Methods
GET
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
https://act.nrcc.org
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
94

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| structuredClone object| oncontextlost object| oncontextrestored object| gform undefined| ss_android undefined| ss_set undefined| ss_icons undefined| ss_keywords undefined| ss_legacy undefined| ss_getElementsByClassName undefined| ss_liga undefined| $ function| jQuery string| ua string| click function| onYouTubeIframeAPIReady object| api_yt object| api_vimeo object| api_ga object| add2any object| a2a_config object| gform_i18n object| gf_global object| gf_legacy_multi object| dataLayer function| gtag object| Vimeo boolean| VimeoPlayerResizeEmbeds_ object| addComment object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| wp function| sprintf function| vsprintf object| params function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader object| google_tag_manager object| google_tag_data function| postscribe object| google_tag_manager_external string| GoogleAnalyticsObject function| ga object| dotq function| fbq function| _fbq function| saq function| _saq object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| YAHOO function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| gaplugins object| gaGlobal object| gaData object| Placeholders number| scrolled object| a2a function| a2a_show_dropdown function| a2a_miniLeaveDelay function| a2a_init number| a2amail_init object| res string| current_window_url_param

15 Cookies

Domain/Path Name / Value
ct12.thegopemail.com/ Name: messageid
Value: 13257909
ct12.thegopemail.com/ Name: memberid
Value: 483709310
ct12.thegopemail.com/ Name: urlid
Value: 209647
ct12.thegopemail.com/ Name: groupid
Value: 2
.youtube.com/ Name: YSC
Value: zAYmOgY-NHc
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 19z-Binf6NM
.nrcc.org/ Name: _gcl_au
Value: 1.1.1297395959.1648558063
.nrcc.org/ Name: _fbp
Value: fb.1.1648558063241.91682446
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.nrcc.org/ Name: _ga
Value: GA1.2.887175446.1648558063
.nrcc.org/ Name: _gid
Value: GA1.2.1608902485.1648558063
.nrcc.org/ Name: _dc_gtm_UA-15267911-1
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBPD_QmICELTR2HNXqE_Cl9ZEThDL3lUFEgEBAQFRRGJMYgAAAAAA_eMAAA&S=AQAAAiJhbYmPZeyzFoVQG8AIGBM
tags.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-418bfbd7-6dbe-48a2-675f-6359af14f6a9.E9nwSjQCHmE7izsB%2B10oGpsGs8kaEg9FPDFEWd0vr6E
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AQYv7122-SKJnX2NZrxT2qbnVm6Q.RDvCAJ1rjm5%2B2JATJLtdAdm5hPqrf%2B36h3phemVxurk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act.nrcc.org
cdn1.lockerdomecdn.com
connect.facebook.net
ct12.thegopemail.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
player.vimeo.com
s.yimg.com
sp.analytics.yahoo.com
static.addtoany.com
stats.g.doubleclick.net
tags.srv.stackadapt.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.youtube.com
151.101.192.217
212.82.100.181
216.58.212.162
2600:9000:223c:a400:b:6268:b880:93a1
2606:4700:10::ac43:2794
2a00:1288:80:807::1
2a00:1450:4001:800::200a
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:813::2008
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a00:1450:4010:c01::5e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.226.212.93
35.203.178.34
8.224.216.30
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
078f3dd88e751c3c421b2007e1cb27bcb65a95daf278bd25de81ba7b2bf3c4e4
0dd2d4b7b81e26f5459b1f9f8ee51c72b87aa90d55033f686b827d582a2481dd
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10354e9bc6b485028971a1f58fccff5c89d722db324d42bc07963aab24ebb956
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1657cedfea9ceef327dcf65648079df9af9b1b1ebe20d89ea4e5b5ea666baab3
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
1bf6c06e8e4e5bb209dfdc45c15af0527025b764fe353012ee3f8d54dcf19d56
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
232307a0287be057f360eb5f35569b69a0fddbf67aa4deb29765b90cc827f595
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
4a354f3d28b56276cc1c16d970f65ddb3ecec48cb1b79a1a32e0e3929e584607
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
52b99570f47b19d1937f1ac1fba9a41b9b834d5f4af0f03b216e335d5a81db83
545cee78de8ea923026bfa3bcdb188b65aa99b2dbbd027b4e220051068e02d70
57105f0d09b065648031b4127971f8e91e9d8c40e8a25362c36adcc2ca6000d3
6adb862ed444b85e22319d7377735f5986e268291c669683c085b97d4f0a4e67
6adf1682559f92e9d0b4a6d72b9db7c4e48bff51282ba381cd8f0be5e098e0e8
6c25be056dab4195e5e7e64a5880036521e6ccb3a7da1d6157c51394eb62af0d
6f2b785fb3851ad36305fb9ef324ab37d3411fdb0ac21ea1e3da28f256308217
737753409412808a233ebb465d51885c1cf9c4f724dc2fcb7ec5d6c513b439f0
74cad4303232e97ca561d020bf3491ab6777c683b259f50f99b64cd62f1e3271
7536f0df059eb4232aeb10fa05bd89b6da621240062499542da570d39fb833ba
7802514279d805a825923d8ff3b2746e3fa7d4c719d791292b6f860bc2acf20d
79ebaa6574842c7ac356bc54fe5646115e56a29743405205f685eae70978627c
7b220f426ba8f6ac0682f685b177ba6da5aa60e7d1bc612d002200d5c470a224
7f06d0ff6a2e1b27b0ef81bf37d7248b151abd19d2762dbaefdc3a561407a78d
81556f38ccd763884270a287d8602759ecca85ec4f93548631550b4514393d46
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
916089ff48d67576a9fdef763d7d227ac92f93353e82cee685bf002f35a681d9
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
9616865a4344d7bd7631fb93925d422d89ea1db93bc52f9d217354841c2bdf3a
9fc929f9d307cf53bea691c3794c5ee2874ff5e1d2c7d308d71120ae3aa8c788
a107c884ebed73c63dcc5d1519f536ee87f34ab117c5164e26864ebf52f31150
a10b9570a1c7858442b42f1cd48b69a191638269f37e4046607bf5fe188e38bf
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a566dd6ad26343f577982f6e5470a2d978cfd5767ee6327b833b82509a218cd2
bb7da0994831b5b39def8d13cd92b169e293a385dc9722f5774bb1cb93bfd460
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c24ed0313cd813b049be4a3d06ccb03f34662b3842b4840a4ee37afc1f6c466c
c92c978bb851baf62c3d8ded46de8fb80c528974558f2e1c4a82f541f294e60e
c973bdd65f848dff89ec0cbee8716a2449fe526c0b630d5a0e23ab350d8db2ed
cadb7853e242146c5699c0427f90a6bde213dd65d3105b81040fa558c7d739d4
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
d70d9853ff87464d69a8174e3a76633bf29e45aaafcbccb214c10722b2b9714c
d7b72fcd164aa35ce633554422a56ae9c32268e6da508b5cebc01065938fa5ac
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f474b1a6f9051de7391f8ab09aae5000f43b36b10c79900824be74ac35fe6c13
f9e610fb6ac16f917482ef17f14b32761e74d94463ddd22d25e63e1fc8b1aacd
fec6316e6e45e87432cfa9e4ba33f024e8f33d3de07586aa3d1853d9873824fe
fef1b521f8b08256e1bd8f1e7d19e47b7d1d559eba46f46e3ff1fe26750dc4ed