secure.everyaction.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.everyaction.com/k/15558899/164298652/352585387?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCq...
Effective URL:
https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9...
Submission: On February 29 via api (February 29th 2020, 6:46:45 pm UTC) from BE

Summary HTTP 67 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 17 IPs in 7 countries across 16 domains to perform 67 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.everyaction.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 19th 2019. Valid for: 2 years.

This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3)
4	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	143.204.101.72 143.204.101.72	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:20e... 2600:9000:20eb:3a00:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 11	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
3	143.204.98.175 143.204.98.175	16509 (AMAZON-02) (AMAZON-02)
2	13.224.194.11 13.224.194.11	16509 (AMAZON-02) (AMAZON-02)
2	51.140.6.23 51.140.6.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
8	3.137.39.162 3.137.39.162	16509 (AMAZON-02) (AMAZON-02)
1	88.221.63.221 88.221.63.221	16625 (AKAMAI-AS) (AKAMAI-AS)
67	17

15 45.60.33.183 (United States) 1 redirects

ASN19551 (INCAPSULA, US)

click.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.101.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-72.fra50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:20eb:3a00:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.175 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-175.fra50.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.194.11 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-11.fra2.r.cloudfront.net

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.137.39.162 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-39-162.us-east-2.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.63.221 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-63-221.deploy.static.akamaitechnologies.com

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	cloudfront.net d3rse9xjbp8270.cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	464 KB
11	google-analytics.com 1 redirects www.google-analytics.com	19 KB
11	everyaction.com 1 redirects click.everyaction.com secure.everyaction.com	40 KB
8	braintreegateway.com client-analytics.braintreegateway.com	3 KB
4	ngpvan.com profile.ngpvan.com fastaction.ngpvan.com secure.ngpvan.com	6 KB
4	windows.net nvlupin.blob.core.windows.net	202 KB
3	doubleclick.net stats.g.doubleclick.net	339 B
3	verygoodvault.com js.verygoodvault.com	24 KB
2	visualstudio.com dc.services.visualstudio.com	832 B
2	braintree-api.com payments.braintree-api.com	1 KB
2	twitter.com platform.twitter.com	29 KB
2	facebook.net connect.facebook.net	115 KB
2	googletagmanager.com www.googletagmanager.com	51 KB
1	paypal.com checkout.paypal.com
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	jquery.com code.jquery.com	30 KB
67	16

	Domain	Requested by
11	www.google-analytics.com	1 redirects www.googletagmanager.com secure.everyaction.com
10	secure.everyaction.com	secure.everyaction.com az416426.vo.msecnd.net
9	d3rse9xjbp8270.cloudfront.net	secure.everyaction.com d3rse9xjbp8270.cloudfront.net www.google-analytics.com
8	client-analytics.braintreegateway.com	az416426.vo.msecnd.net
4	nvlupin.blob.core.windows.net	secure.everyaction.com d3rse9xjbp8270.cloudfront.net
3	d1aqhv4sn5kxtx.cloudfront.net	www.googletagmanager.com secure.everyaction.com
3	stats.g.doubleclick.net	secure.everyaction.com
3	js.verygoodvault.com	secure.everyaction.com js.verygoodvault.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	payments.braintree-api.com	az416426.vo.msecnd.net
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
2	platform.twitter.com	secure.everyaction.com platform.twitter.com
2	connect.facebook.net	secure.everyaction.com connect.facebook.net
2	www.googletagmanager.com	secure.everyaction.com d3rse9xjbp8270.cloudfront.net
1	checkout.paypal.com	d3rse9xjbp8270.cloudfront.net
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	az416426.vo.msecnd.net	secure.everyaction.com
1	code.jquery.com	secure.everyaction.com
1	click.everyaction.com	1 redirects
67	20

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
jewishvoiceforpeace.org
jvp.org

Subject Issuer	Validity	Valid
*.everyaction.com Sectigo RSA Domain Validation Secure Server CA	`2019-02-19` - `2021-02-18`	2 years	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
*.blob.core.windows.net Microsoft IT TLS CA 1	`2020-01-28` - `2022-01-28`	2 years	crt.sh
*.verygoodvault.com Amazon	`2019-05-15` - `2020-06-15`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
*.vo.msecnd.net Microsoft IT TLS CA 2	`2018-03-30` - `2020-03-30`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.ngpvan.com RapidSSL RSA CA 2018	`2018-02-08` - `2021-02-07`	3 years	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2019-03-04` - `2021-03-08`	2 years	crt.sh
dc.services.visualstudio.com Microsoft IT TLS CA 5	`2019-11-18` - `2021-11-18`	2 years	crt.sh
client-analytics.braintreegateway.com DigiCert Global CA G2	`2018-06-18` - `2020-06-17`	2 years	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2019-07-31` - `2021-09-29`	2 years	crt.sh

This page contains 5 frames:

Primary Page: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Frame ID: C7E363EB8021785293BC33FF4CFDC6B7
Requests: 65 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fsecure.everyaction.com
Frame ID: FF44FCCAF587595A0E5EF9693C075DCD
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2909477950490809215&formId=randomId2903692211761570394&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: 0FC13D7695877FA3A6E7139D8A1CF30A
Requests: 1 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2906278151199243664&formId=randomId2903692211761570394&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: 8C32A3058748D2555DD7E72410911433
Requests: 1 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Frame ID: 143094F254C4BB6FBF390250F1FC5719
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://click.everyaction.com/k/15558899/164298652/352585387?sourceid=1000437&ms=emft&contactdata=... HTTP 302
https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=Ilc... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

67
Requests

100 %
HTTPS

44 %
IPv6

16
Domains

20
Subdomains

17
IPs

7
Countries

1006 kB
Transfer

2696 kB
Size

20
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/your-electronic-communication-rights/
Title: more info

Search URL Search Domain Scan URL

URL: http://jvp.org/paypal
Title: Click here to give if you live outside the US or are having problems donating.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/giving/approach/#donor-privacy
Title: Read about our Donor Privacy Policy and Core Principles.

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.everyaction.com/k/15558899/164298652/352585387?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO/PH5vMut7N7anWHOi8tBriJynZfJAgCi/GpRZ8AWyERwThAZX/sAnkyyk/yEieW4yHQPyOBcVj3pww==&nvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ==&hmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0=&emci=9ca44310-095b-ea11-a94c-00155d039e74&emdi=5eef219a-0a5b-ea11-a94c-00155d039e74&ceid=197022 HTTP 302
https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1608355203&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Accelerator&ev=18&_u=aGHAAEAB~&jid=1482386519&gjid=868234540&cid=1915080780.1583001988&tid=UA-28243511-20&_gid=1816134648.1583001988&_r=1&gtm=2wg2j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000437&cd5=%5BC3%5DMembership%20Donate%20Page&cd6=t6ef7KnOvkW67sqaq4-H1g2&z=697193861 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1915080780.1583001988&jid=1482386519&_gid=1816134648.1583001988&gjid=868234540&_v=j81&z=697193861

67 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set t6ef7KnOvkW67sqaq4-H1g2 Show response
secure.everyaction.com/
Redirect Chain

https://click.everyaction.com/k/15558899/164298652/352585387?sourceid=1000437&ms=emft&contactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO/PH5vMut7N7anWHOi8t...
https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8t...

17 KB
7 KB

281ms
176ms

Document
text/html

45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b0c43063e9e97811ce1c929675bd32811eb674f0e154e3d816ac24da71800c41

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: secure.everyaction.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: visid_incap_1392949=0EfXndETSiSQUHN61E30w4KxWl4AAAAAQUIPAAAAAABLZHomWwME7hoJw0xdTk9p; nlbi_1392949=d+ImLUA21RPkxKymuiPdvwAAAABJN4oJkbAqPtjmn7XAcsBQ; incap_ses_766_1392949=Ete0R7kMrVl2kR4i/2GhCoKxWl4AAAAAJf4ftmaj/XwoKshp69pcaw==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date: Sat, 29 Feb 2020 18:46:26 GMT
Set-Cookie: visid_incap_823975=eojVLRziSOSaUYhDBnT/MYKxWl4AAAAAQUIPAAAAAAA3Mh2n9yMfuXLMv0NGhKeD; expires=Sat, 27 Feb 2021 21:56:13 GMT; path=/; Domain=.everyaction.com nlbi_823975=vsuCfThb8zrSRa4GOu0ZEgAAAACO3HW342snejybUbvCe7hZ; path=/; Domain=.everyaction.com incap_ses_766_823975=Ug2nQAwbgBGnkR4i/2GhCoKxWl4AAAAAE1rSHfAJHDEPRArgPTx6dw==; path=/; Domain=.everyaction.com TiPMix=59.2981129229526; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; SameSite=None; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; SameSite=None; Secure ; Secure; SameSite=None; Secure
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 6-17601518-17599873 PNNN RT(1583001986517 40) q(0 0 0 1) r(1 1) U12

Redirect headers

Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Location: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers: Request-Context
X-Powered-By: ASP.NET
Date: Sat, 29 Feb 2020 18:46:26 GMT
Content-Length: 0
Set-Cookie: visid_incap_1392949=0EfXndETSiSQUHN61E30w4KxWl4AAAAAQUIPAAAAAABLZHomWwME7hoJw0xdTk9p; expires=Sat, 27 Feb 2021 21:56:26 GMT; path=/; Domain=.everyaction.com nlbi_1392949=d+ImLUA21RPkxKymuiPdvwAAAABJN4oJkbAqPtjmn7XAcsBQ; path=/; Domain=.everyaction.com incap_ses_766_1392949=Ete0R7kMrVl2kR4i/2GhCoKxWl4AAAAAJf4ftmaj/XwoKshp69pcaw==; path=/; Domain=.everyaction.com
X-CDN: Incapsula
X-Iinfo: 13-28948823-28948830 NNNN CT(81 178 0) RT(1583001986015 25) q(0 0 3 -1) r(4 4) U11

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 39ms
9ms Script
application/javascript 2001:4de0:ac19::1:b:3a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 29 Feb 2020 18:46:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 19:01:15 GMT
Server: nginx
ETag: W/"58d026fb-15283"
Vary: Accept-Encoding
X-HW: 1583001987.dop160.fr8.t,1583001987.cds105.fr8.shn,1583001987.cds105.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 30125

GET
H/1.1 200
OK EA_Callbacks_Embed_Donate.js Show response
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/ 23 KB
24 KB 459ms
128ms Script
application/x-javascript 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 41016289e5a7829fb7eaf56232ae725d65264bfbfda98bb094effb883c671bf8

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 29 Feb 2020 18:46:27 GMT
Last-Modified: Wed, 23 Jan 2019 18:51:45 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D68163D260B94C
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 93473391-e01e-00f1-0830-efc06b000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 23484

GET
H/1.1 200
OK script-error Show response
secure.everyaction.com/js/ 228 B
1 KB 114ms
114ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Iinfo: 6-17601518-17599873 SNNN RT(1583001986517 207) q(0 0 0 -1) r(1 1) U4
Content-Length: 258
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Last-Modified: Sat, 29 Feb 2020 18:46:27 GMT
X-Frame-Options: SAMEORIGIN
Date: Sat, 29 Feb 2020 18:46:26 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: public
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: Sun, 28 Feb 2021 18:46:27 GMT

GET
H/1.1 200
OK full-width-elena-holding-hands.jpg
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/ 149 KB
150 KB 590ms
258ms Image
image/jpeg 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/full-width-elena-holding-hands.jpg
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: adf6b1919f467d8f58e8b886461a1ff02fef71d3249a97dad499874f101ee739

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 29 Feb 2020 18:46:27 GMT
Last-Modified: Sat, 16 Sep 2017 22:31:17 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D4FD52A5864B58
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
x-ms-request-id: e7c22096-d01e-00f9-4330-efdb18000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 152610

GET
H/1.1 200
OK jvp-logo_full.svg
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/ 5 KB
6 KB 484ms
140ms Image
image/svg+xml 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/jvp-logo_full.svg
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 58dd92b26521eecae86002911ed654348aa10eb962dc3854582caa5643e792ef

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 29 Feb 2020 18:46:27 GMT
Last-Modified: Thu, 14 Nov 2019 06:24:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D768CB596211F3
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
x-ms-request-id: a3e43c0d-b01e-00e2-3e30-eff58a000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 5234

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 138ms
20ms Script
application/javascript 143.204.101.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id: MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding: gzip
Age: 3246
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Last-Modified: Fri, 13 Dec 2019 10:03:51 GMT
Server: AmazonS3
Date: Sat, 29 Feb 2020 18:11:51 GMT
Vary: Origin
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: kJIwJJEKxc-aOrkkgLNkitCxwFVs7GMPV-z_pDtSZ6R1_2y8zUW_HA==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 805 KB
228 KB 34ms
7ms Script
application/javascript 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f22c6ae24b608e03249eb0be489e3a53d748b3190582772405ffb93ed12a70b8

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 29 Feb 2020 01:29:37 GMT
content-encoding: gzip
age: 62212
x-cache: Hit from cloudfront
status: 200
content-length: 232907
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 16:21:51 GMT
server: AmazonS3
etag: "ec1dd08462375501a44b0062cd90ec6f"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: Q0NjvULrEul5a9Xl1jww4e30W7Z7gnGj9ITclJ4woMtw1AK6qNgAnw==

GET
H/1.1 200
OK base-js.gif
secure.everyaction.com/Content/images/ 35 B
324 B 388ms
387ms Image
image/gif 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/Content/images/base-js.gif
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Iinfo: 6-17601518-17598873 2VNN RT(1583001986517 778) q(0 0 0 -1) r(4 4)
Date: Sat, 29 Feb 2020 18:46:27 GMT
Last-Modified: Mon, 24 Feb 2020 22:27:52 GMT
X-CDN: Incapsula
Etag: "064cba661ebd51:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK _Incapsula_Resource Show response
secure.everyaction.com/ 124 KB
18 KB 101ms
36ms Script
application/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1110419747
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e46cbb8f63b007fb660300b70d94f706b7467ab2699640ddef774f4b35d44e62

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Content-Encoding: gzip
Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 17974
Content-Type: application/javascript

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 93ms
24ms Script
application/x-javascript 152.199.19.160
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 29 Feb 2020 18:46:28 GMT
content-encoding: gzip
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1497
x-cache: HIT
status: 200
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Tue, 04 Feb 2020 19:23:51 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D7A9A7C460F06C
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 335e6829-001e-0130-112d-eff89b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 85 KB
27 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ab8122460b24a6f0076ca9d12295ca427d186a4071abe3671b40480a187f9c2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 29 Feb 2020 18:46:28 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 27298
x-xss-protection: 0
last-modified: Sat, 29 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Feb 2020 18:46:28 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4bfc0ee0755966465d8c3c47bc1c72680e0955320aeca408a279c78e836d5ca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: iSjflVlfNaQemdrnCzKn5g==
status: 200
date: Sat, 29 Feb 2020 18:46:28 GMT, Sat, 29 Feb 2020 18:46:28 GMT
expires: Sat, 29 Feb 2020 18:50:41 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1780
x-fb-debug: GindgXQpczfEp9XLG/SPbTHvraA5ebsOZ849MbxysAcGMzj8I0hpGLVOKA13EqE/xPuweG35NclepfgM6v/ARw==
x-fb-trip-id: 1850256238
x-fb-content-md5: bd8f84e8db6f156376fb4f48e66dd28f
etag: "e498ace410502dbbcc94b26a05e80699"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 56ms
12ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BC1) /
Resource Hash: 62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 29 Feb 2020 18:46:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Feb 2020 00:16:08 GMT
Server: ECS (amb/6BC1)
Age: 384
Etag: "b184acc5626add1721a10b1738df2dbe+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3000
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29101

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 389 KB
113 KB 20ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0a865d8c7b412d733a48993b3fa0646a&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

fb90c26ada2b084026ba27cddc8182f381ec667afbd5b5ff98f27c38c05142ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: hDB6w3POW6uVZh8/veSx2w==
status: 200
date: Sat, 29 Feb 2020 18:46:28 GMT, Sat, 29 Feb 2020 18:46:28 GMT
expires: Sun, 28 Feb 2021 18:44:16 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 115296
x-fb-debug: iBy/XLX/MKrPi+Frhh8TjPDndE943VPCN/0fzObEoKo9ZI1QyI8/nEimYNs5I8aC9qM5apgipAfLM8qN2rmp8w==
x-fb-trip-id: 2000377899
x-fb-content-md5: ebcc3616038f793f18eb514c23b9455d
etag: "424873b415fd301f6665663a31ccdc80"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 3257
date: Sat, 29 Feb 2020 17:52:11 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Sat, 29 Feb 2020 19:52:11 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
106 B 6ms
5ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=912908307&gjid=1863584268&cid=1915080780.1583001988&tid=UA-62682497-4&_gid=1816134648.1583001988&gtm=2wg2j0PM473M&z=226598532

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
113 B 14ms
14ms Image
image/gif 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-62682497-4&cid=1915080780.1583001988&jid=912908307&gjid=1863584268&_gid=1816134648.1583001988&_u=YGBAgAAB~&z=1071789517

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sat, 29 Feb 2020 18:46:28 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK with-js.gif
secure.everyaction.com/Content/images/ 35 B
324 B 374ms
359ms Image
image/gif 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/Content/images/with-js.gif
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

X-Iinfo: 12-17897994-17897709 2VNN RT(1583001987324 83) q(0 0 0 -1) r(3 3)
Date: Sat, 29 Feb 2020 18:46:27 GMT
Last-Modified: Mon, 24 Feb 2020 22:27:52 GMT
X-CDN: Incapsula
Etag: "064cba661ebd51:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html
platform.twitter.com/widgets/ Frame FF44 0
0 13ms
13ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7aeb03ce9f308997020e5998720fbbf7.html?origin=https%3A%2F%2Fsecure.everyaction.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B8D) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 412053
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sat, 29 Feb 2020 18:46:28 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 25 Feb 2020 00:11:30 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (amb/6B8D)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H/1.1 200
OK _Incapsula_Resource
secure.everyaction.com/ 1 B
123 B 21ms
21ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.935976706258606
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Cache-Control: no-cache, no-store
X-Robots-Tag: noindex
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK identity Show response
profile.ngpvan.com/ 72 B
1 KB 186ms
113ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

9256cf3a8810fee8eebf019c2e818fdc4b0b17a3f0bd886561938616c9123da4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 29 Feb 2020 18:46:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
X-Iinfo: 14-45966915-45962498 PNNN RT(1583001987499 20) q(0 0 0 0) r(1 1) U19
ETag: W/"48-7gswkmqWaiSM35NvFR4UpNpijWE"
Content-Type: text/javascript; charset=utf-8
Content-Length: 192
X-CDN: Incapsula
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
24 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

178472c41d58ab292d43b56d6ca6c8d014522b947af4e0252a012a333fa06e0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 29 Feb 2020 18:46:28 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24577
x-xss-protection: 0
last-modified: Sat, 29 Feb 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Feb 2020 18:46:28 GMT

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 22ms
8ms Stylesheet
text/css 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0cb17862dc210b7118bc21e60db77fae45fe6ebce128b0427bca031fd3010

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 29 Feb 2020 02:11:42 GMT
content-encoding: gzip
age: 59687
x-cache: Hit from cloudfront
status: 200
content-length: 20576
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 16:21:51 GMT
server: AmazonS3
etag: "add53ccab6eb385bcafb92d3af678b8b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: o0Fp4aVLGY_CFP3N1Fax53q-gf_sBAPr5Sso6Oo6kXvjf7GLysXudg==

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 92 KB
16 KB 26ms
13ms Stylesheet
text/css 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d972cb3eb8727e4f2ea30aed262d195a0e504e8d63359e268139931f0c64d253

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Sat, 29 Feb 2020 01:57:48 GMT
content-encoding: gzip
age: 60521
x-cache: Hit from cloudfront
status: 200
content-length: 15885
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Tue, 25 Feb 2020 16:21:51 GMT
server: AmazonS3
etag: "151497a0ef802e3be81c7a322803dadc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: oyoXNJQpHVPk-QSBLo6D7WrRTdsYvhj2el2NRXPPxGVFxnUebTZbcg==

GET
H/1.1 200
OK t6ef7KnOvkW67sqaq4-H1g2 Show response
secure.everyaction.com/v1/Forms/ 21 KB
8 KB 193ms
192ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3Bms=emft&amp%3Bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2FPH5vMut7N7anWHOi8tBriJynZfJAgCi%2FGpRZ8AWyERwThAZX%2FsAnkyyk%2FyEieW4yHQPyOBcVj3pww%3D%3D&amp%3Bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3D%3D&amp%3Bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3D&amp%3Bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3Bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3Bceid=197022

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

68ecf5b9378d0039f59383754118ff3836aa300e83122d7db90209342e09048b

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Request-Id: |iV+yk.XNPg0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 6-17601637-17599873 PNNN RT(1583001987417 61) q(0 0 0 -1) r(2 2) U2
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Sat, 29 Feb 2020 18:46:28 GMT
Date: Sat, 29 Feb 2020 18:46:27 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
ETag: "3ba5ea38-b8ae-4d6a-b614-ff546bd4d1f0"
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: -1

GET
H/1.1 200
OK sweetspot.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 8 KB
9 KB 42ms
9ms Script
application/x-javascript 143.204.98.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-175.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 29 Feb 2020 06:44:03 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Age: 43346
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8149
Last-Modified: Tue, 06 Aug 2019 21:06:41 GMT
Server: AmazonS3
ETag: "37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: CLt4Pj92cs_pLwKry0iN8pKB6Zi35FdZiDGcdT4_eoh3ximG_z9LsQ==

GET
H/1.1 200
OK nvtag Show response
profile.ngpvan.com/v2/data/wtUWuKO00l1q806kRMS39K0t/ 2 B
1 KB 206ms
126ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/wtUWuKO00l1q806kRMS39K0t/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 29 Feb 2020 18:46:27 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
X-Iinfo: 3-18236640-18236646 NNNY CT(0 0 0) RT(1583001987676 38) q(0 0 0 0) r(1 1) U12
Access-Control-Allow-Credentials: true
Content-Length: 123
X-CDN: Incapsula
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H/1.1 200
OK identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 543ms
440ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1583001988643=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

f6f7a8acc64a0c3bd7b7536000c96f8cfaec36a676f27d08847e97f33348b538

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Powered-By: Express
Transfer-Encoding: chunked
P3p: CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo: 2-13452012-13452017 NNYN CT(91 200 0) RT(1583001987762 34) q(0 0 3 0) r(5 5) U4
Connection: keep-alive
Content-Encoding: gzip
Etag: W/"ba-2559339215"
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server: Cowboy
Date: Sat, 29 Feb 2020 18:46:29 GMT
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: text/javascript; charset=utf-8

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 7ms
6ms Font
application/font-woff2 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 29 Feb 2020 02:01:21 GMT
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
age: 60308
x-cache: Hit from cloudfront
status: 200
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: yW-mxTkzcsT_XILmldPe8cbhMSR8ugoDZRefa9oOgvz2DYylDR8nAw==

GET
H/1.1 200
OK gtmtools.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 4 KB
5 KB 10ms
10ms Script
application/javascript 143.204.98.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/gtmtools.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-175.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Sat, 29 Feb 2020 18:27:24 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Age: 1145
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 4233
Last-Modified: Thu, 24 Oct 2019 19:33:08 GMT
Server: AmazonS3
ETag: "9e70537eecebd0e559cbe41c8facec34"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=1800
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: N826zvqrsyL7SNI-RtedfOjunKinkBPGN5muvUlnyT_iIYC99rpKbw==

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 229 KB
52 KB 7ms
7ms Script
application/javascript 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Sat, 01 Feb 2020 21:33:26 GMT
content-encoding: gzip
age: 2409183
x-cache: Hit from cloudfront
status: 200
content-length: 52457
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Thu, 03 Oct 2019 17:12:46 GMT
server: AmazonS3
etag: "0e171f16b707862d9a5a9168f0edc967"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: JMINsu-YCyy0te0syHNWNoTlWai_DK3S3mp8U7nK-sW2AOmuz13N5A==

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 20 KB
20 KB 7ms
7ms Image
image/png 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 11 Jan 2020 14:13:08 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
age: 4250001
x-cache: Hit from cloudfront
status: 200
content-length: 20389
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: LsOhhyIIX_q9T3zVuk02NsrTvKR1iczecpafG64WOpFgJb_-OU_3IQ==

GET
H2 200 cc.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 3 KB
4 KB 6ms
6ms Image
image/png 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/cc.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 26 Feb 2020 02:49:20 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
age: 316629
x-cache: Hit from cloudfront
status: 200
content-length: 3392
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: 9ZW8gOBhu6arkTNWF16mviYm25m3rr6SOmt1VbTV3l8CAF2yXYBdeQ==

GET
H/1.1 200
OK t6ef7KnOvkW67sqaq4-H1g2 Show response
secure.everyaction.com/PayPalClientToken/ 2 KB
3 KB 470ms
470ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/PayPalClientToken/t6ef7KnOvkW67sqaq4-H1g2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

51fa3b98f0d6164e770706af798f652d08622376f78bb682332cbef7f4244cec

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Request-Id: |iV+yk.Aid7
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Transfer-Encoding: chunked
X-Iinfo: 12-17897994-17898040 NNNY CT(0 0 0) RT(1583001987324 489) q(0 0 0 -1) r(4 4) U2
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
X-Frame-Options: SAMEORIGIN
Date: Sat, 29 Feb 2020 18:46:29 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires: -1

GET
H2 200 paypal-logo.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 3 KB
3 KB 6ms
6ms Image
image/png 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/paypal-logo.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 25 Feb 2020 23:34:40 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
age: 328309
x-cache: Hit from cloudfront
status: 200
content-length: 2778
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "459c51e4e024db4720b62513d12edb6a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: wHTtoRBxjzUPspj3gVbDLakFoAIignB7ZDiJd1IXkeCaVW2gxj7EZg==

GET
H/1.1 200
OK Digital-Logo-Horizontal.png
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/ 23 KB
24 KB 124ms
124ms Image
image/png 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/Digital-Logo-Horizontal.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e52d749ca33a4900f7618270d0832249e4f892c31ee1f3051d93d3533617a17

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 29 Feb 2020 18:46:28 GMT
Last-Modified: Mon, 18 Sep 2017 17:28:52 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D4FEBABB2CD773
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: e7c22188-d01e-00f9-1a30-efdb18000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 23661

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
109 B 18ms
16ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1608355203&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Downloading&utt=213&_u=aGDAAEAB~&jid=59331209&gjid=240904149&cid=1915080780.1583001988&tid=UA-28243511-22&_gid=1816134648.1583001988&_r=1&gtm=2wg2j05L2FSL&z=1732131237

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Sat, 29 Feb 2020 18:46:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1608355203&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1915080780.1583001988&jid=1482386519&_gid=1816134648.1583001988&gjid=868234540&_v=j81&z=697193861

35 B
113 B

14ms
14ms

Image
image/gif

2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1915080780.1583001988&jid=1482386519&_gid=1816134648.1583001988&gjid=868234540&_v=j81&z=697193861

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sat, 29 Feb 2020 18:46:28 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Feb 2020 18:46:28 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1915080780.1583001988&jid=1482386519&_gid=1816134648.1583001988&gjid=868234540&_v=j81&z=697193861
content-type: text/html; charset=UTF-8
status: 302
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 419
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 9ms
7ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGHAgEAB~&jid=1390099826&gjid=1913350693&cid=1915080780.1583001988&tid=UA-28243511-20&_gid=1816134648.1583001988&gtm=2wg2j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000437&cd5=%5BC3%5DMembership%20Donate%20Page&cd6=t6ef7KnOvkW67sqaq4-H1g2&z=1804844283

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
stats.g.doubleclick.net/r/ 35 B
113 B 16ms
15ms Image
image/gif 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-28243511-20&cid=1915080780.1583001988&jid=1390099826&gjid=1913350693&_gid=1816134648.1583001988&_u=aGHAgEAB~&z=107774285

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Sat, 29 Feb 2020 18:46:28 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 8ms
7ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Processing&utt=31&_u=aGHAAEAB~&jid=&gjid=&cid=1915080780.1583001988&tid=UA-28243511-22&_gid=1816134648.1583001988&gtm=2wg2j05L2FSL&z=249178254

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t6ef7KnOvkW67sqaq4-H1g2
secure.everyaction.com/v1/Track/ 0
611 B 132ms
131ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&%3Bms=emft&%3Bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2FPH5vMut7N7anWHOi8tBriJynZfJAgCi%2FGpRZ8AWyERwThAZX%2FsAnkyyk%2FyEieW4yHQPyOBcVj3pww%3D%3D&%3Bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3D%3D&%3Bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3D&%3Bemci=9ca44310-095b-ea11-a94c-00155d039e74&%3Bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&%3Bceid=197022

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Sat, 29 Feb 2020 18:46:28 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 6-17601637-17599873 SNNN RT(1583001987417 463) q(0 0 0 -1) r(1 1) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H/1.1 200
OK paypal-logo.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 3 KB
3 KB 19ms
18ms Image
image/png 143.204.98.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/images/paypal-logo.png
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.98.175 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-175.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Sat, 29 Feb 2020 13:08:22 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Age: 20287
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 2778
Last-Modified: Fri, 03 May 2019 18:16:37 GMT
Server: AmazonS3
ETag: "459c51e4e024db4720b62513d12edb6a"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 5LcX_bDPl7wIJYvW7NzdQnzaNOvbmw7fXd8W8wT6AlMEsKNht9pz2Q==

GET
H2 200 fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/ 9 KB
9 KB 8ms
7ms Image
image/svg+xml 2600:9000:20eb:3a00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:20eb:3a00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 29 Feb 2020 06:44:20 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
age: 43329
x-cache: Hit from cloudfront
status: 200
content-length: 9203
last-modified: Wed, 08 Jan 2020 18:06:45 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-amz-cf-id: WsoxJeXPfLiPU17YqWGN60bfKI3HVVt3_xwqZAwgDT_sdBN1rwNuzQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Render&utt=121&_u=aGHAAEAB~&jid=&gjid=&cid=1915080780.1583001988&tid=UA-28243511-22&_gid=1816134648.1583001988&gtm=2wg2j05L2FSL&z=1436175991

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 7ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Fill&utt=8&_u=aGHAAEAB~&jid=&gjid=&cid=1915080780.1583001988&tid=UA-28243511-22&_gid=1816134648.1583001988&gtm=2wg2j05L2FSL&z=1886577050

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Form&utt=386&_u=aGHAAEAB~&jid=&gjid=&cid=1915080780.1583001988&tid=UA-28243511-22&_gid=1816134648.1583001988&gtm=2wg2j05L2FSL&z=2135326118

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
100 B 7ms
7ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&utc=ActionTag&utv=Total&utt=412&_u=aGHAAEAB~&jid=&gjid=&cid=1915080780.1583001988&tid=UA-28243511-22&_gid=1816134648.1583001988&gtm=2wg2j05L2FSL&z=54951582

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651779
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content wtUWuKO00l1q806kRMS39K0t Show response
secure.everyaction.com/Databag/Profile/ 0
725 B 135ms
134ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/wtUWuKO00l1q806kRMS39K0t

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Request-Id: |iV+yk.41dTc
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Sat, 29 Feb 2020 18:46:28 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: *
X-Iinfo: 6-17601518-17601719 NNNY CT(0 0 0) RT(1583001986517 1380) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content wtUWuKO00l1q806kRMS39K0t Show response
secure.ngpvan.com/Databag/Profile/ 0
1 KB 254ms
141ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/wtUWuKO00l1q806kRMS39K0t

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Incapsula
Date: Sat, 29 Feb 2020 18:46:28 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://secure.everyaction.com
X-Iinfo: 13-28949297-28949305 NNNY CT(0 0 0) RT(1583001987968 48) q(0 0 0 1) r(1 1) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame 0FC1 0
0 98ms
27ms Document
text/html 143.204.101.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2909477950490809215&formId=randomId2903692211761570394&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
Date: Sat, 29 Feb 2020 18:26:42 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache: Hit from cloudfront
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: vu8oqtUbF96b_UkgpKaKcROuYs-fOo9uz2loQlhWC8Pzksc8qefJXw==
Age: 2049

GET
H/1.1 200
OK index.html
js.verygoodvault.com/vgs-collect/1/lib/ Frame 8C32 0
0 96ms
25ms Document
text/html 143.204.101.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2906278151199243664&formId=randomId2903692211761570394&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-72.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
Date: Sat, 29 Feb 2020 18:26:42 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
X-Cache: Hit from cloudfront
Via: 1.1 d627b75d0c1aedd3691390ac8498d3b0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 2WlzVKh9hQl9wQznbryhYLSxqLENnqtFHoBP2JyzQnhOt1IumgCTVw==
Age: 2049

GET
H2 200 collect
www.google-analytics.com/ 35 B
106 B 6ms
6ms Image
image/gif 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j81&a=1608355203&t=timing&_s=2&dl=https%3A%2F%2Fsecure.everyaction.com%2Ft6ef7KnOvkW67sqaq4-H1g2%3Fsourceid%3D1000437%26amp%253bms%3Demft%26amp%253bcontactdata%3DIlckwnR9Kqh3WXQ9ucCqMh9N1DL0q%2B8%2Bvvl%2BM3SUJk5z1vc9xyArYnV3%2Bdre9TlzMvi5RJmO%252fPH5vMut7N7anWHOi8tBriJynZfJAgCi%252fGpRZ8AWyERwThAZX%252fsAnkyyk%252fyEieW4yHQPyOBcVj3pww%253d%253d%26amp%253bnvep%3Dew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%253d%253d%26amp%253bhmac%3D9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%253d%26amp%253bemci%3D9ca44310-095b-ea11-a94c-00155d039e74%26amp%253bemdi%3D5eef219a-0a5b-ea11-a94c-00155d039e74%26amp%253bceid%3D197022&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2285&pdt=2&dns=38&rrt=483&srt=175&tcp=67&dit=1432&clt=1432&_gst=1362&_gbt=1373&_cst=1328&_cbt=1351&_u=aGHAgEAB~&jid=&gjid=&cid=1915080780.1583001988&tid=UA-62682497-4&_gid=1816134648.1583001988&gtm=2wg2j0PM473M&z=75473940

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 30 Jan 2020 02:10:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 2651780
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 graphql Show response
payments.braintree-api.com/ 0
401 B 73ms
16ms XHR
text/plain 13.224.194.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://payments.braintree-api.com/graphql
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-11.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: authorization,braintree-version,content-type

Response headers

date: Sat, 29 Feb 2020 18:46:29 GMT
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
access-control-max-age: 1800
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
status: 200
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-origin: https://secure.everyaction.com
content-length: 0
x-amz-cf-id: 6wlg_h-cnO8czkJTkftIpfXWZn4vIGukIwzpWXVjzAB0NDj_4qTeIA==
access-control-allow-headers: authorization,braintree-version,content-type

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
311 B 150ms
44ms XHR
text/plain 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 29 Feb 2020 18:46:28 GMT
X-Content-Type-Options: nosniff
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 37ms
36ms XHR
application/json 13.224.194.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.224.194.11 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-194-11.fra2.r.cloudfront.net

Software

Resource Hash

3c88defaf4bcd1430396d74e3cdc4d4a366b775b709e948d351ee61da249cdc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6IkF1dGh5In0.eyJleHAiOjE1ODMwODgzODksImp0aSI6IjBlNzgwOGIzLTcyNGQtNDBjNy1iZWIxLTExNjc1ODBiY2RhYyIsInN1YiI6Inl4dmN4eDVrc3htOTg1ZDIiLCJpc3MiOiJBdXRoeSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Inl4dmN4eDVrc3htOTg1ZDIiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwib3B0aW9ucyI6e319.CI7o3X01_kFViz2qHwamV25Q4yb1uXoUoBR3fcCTCKE7j78vK3oO8AXWqyGQQzlWHZn4lCbVj_De1GYobyIJMQ
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

date: Sat, 29 Feb 2020 18:46:29 GMT
content-encoding: gzip
x-amz-cf-pop: FRA2-C1
status: 200
vary: Braintree-Version, Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://secure.everyaction.com
braintree-version: 2016-10-07
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-credentials: true
content-length: 696
via: 1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
x-amz-cf-id: SFG7dPZ5W40qY-ZP1EBlgxjCnJUQUFwrbbU7QhzIkfwmm6FjMLneew==

OPTIONS
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
340 B 493ms
129ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 29 Feb 2020 18:46:29 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

OPTIONS
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
340 B 521ms
133ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 29 Feb 2020 18:46:29 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

GET
H/1.1 200
OK dispatch-frame.min.html
checkout.paypal.com/web/3.44.2/html/ Frame 1430 0
0 478ms
421ms Document
text/html 88.221.63.221
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

88.221.63.221 , Ascension Island, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a88-221-63-221.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Host: checkout.paypal.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022

Response headers

Server: nginx
Content-Type: text/html
Last-Modified: Tue, 25 Feb 2020 20:08:32 GMT
ETag: "5e557ec0-1e9d"
Expires: Sun, 01 Mar 2020 18:46:29 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Sat, 29 Feb 2020 18:46:29 GMT
Content-Length: 3029
Connection: keep-alive

OPTIONS
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
340 B 549ms
137ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 29 Feb 2020 18:46:29 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 98 B
521 B 559ms
558ms XHR
application/json 51.140.6.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 1068E2BB-BC66-455E-9ACA-7E2BA1FE423B
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sat, 29 Feb 2020 18:46:29 GMT
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 98

POST
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
328 B 134ms
134ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 29 Feb 2020 18:46:29 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
340 B 149ms
127ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Sat, 29 Feb 2020 18:46:29 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers: content-type
Content-Length: 0

POST
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
328 B 167ms
134ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 29 Feb 2020 18:46:29 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
328 B 195ms
123ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 29 Feb 2020 18:46:30 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK yxvcxx5ksxm985d2 Show response
client-analytics.braintreegateway.com/ 0
328 B 129ms
128ms XHR
text/plain 3.137.39.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/yxvcxx5ksxm985d2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.137.39.162 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-137-39-162.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.everyaction.com/t6ef7KnOvkW67sqaq4-H1g2?sourceid=1000437&amp%3bms=emft&amp%3bcontactdata=IlckwnR9Kqh3WXQ9ucCqMh9N1DL0q+8+vvl+M3SUJk5z1vc9xyArYnV3+dre9TlzMvi5RJmO%2fPH5vMut7N7anWHOi8tBriJynZfJAgCi%2fGpRZ8AWyERwThAZX%2fsAnkyyk%2fyEieW4yHQPyOBcVj3pww%3d%3d&amp%3bnvep=ew0KICAiVGVuYW50VXJpIjogIm5ncHZhbjovL3Zhbi9KVlAvSlZQLzEvNjE4ODEiLA0KICAiRGlzdHJpYnV0aW9uVW5pcXVlSWQiOiAiNWVlZjIxOWEtMGE1Yi1lYTExLWE5NGMtMDAxNTVkMDM5ZTc0IiwNCiAgIkVtYWlsQWRkcmVzcyI6ICJ3YWx0ZXIudmRiM0B0ZWxlbmV0LmJlIg0KfQ%3d%3d&amp%3bhmac=9tbUJ30QBzFwvWvWJNoFjrQ3wjfcCFbO3ET46ql8zc0%3d&amp%3bemci=9ca44310-095b-ea11-a94c-00155d039e74&amp%3bemdi=5eef219a-0a5b-ea11-a94c-00155d039e74&amp%3bceid=197022
Origin: https://secure.everyaction.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Sat, 29 Feb 2020 18:46:30 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everyaction.com/	1970-01-22 23:22:14	Name: ProfileDatabagId Value: wtUWuKO00l1q806kRMS39K0t
.everyaction.com/	1970-01-19 07:43:22	Name: _dc_gtm_UA-28243511-20 Value: 1
.everyaction.com/	1970-01-19 07:43:22	Name: _gat_UA-28243511-20 Value: 1
.everyaction.com/	1970-01-19 07:44:48	Name: _gid Value: GA1.2.1816134648.1583001988
.everyaction.com/	1970-01-19 07:43:22	Name: _gat_UA-28243511-22 Value: 1
secure.everyaction.com/	1970-01-19 07:43:23	Name: ai_session Value: lljwz\|1583001988632.815\|1583001988632.815
secure.everyaction.com/	1970-01-19 16:28:57	Name: ai_user Value: I2ry0\|2020-02-29T18:46:28.355Z
.secure.everyaction.com/	1970-01-19 07:43:22	Name: _dc_gtm_UA-62682497-4 Value: 1
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_766_1392949 Value: Ete0R7kMrVl2kR4i/2GhCoKxWl4AAAAAJf4ftmaj/XwoKshp69pcaw==
.secure.everyaction.com/	1970-01-19 07:44:48	Name: _gid Value: GA1.3.1816134648.1583001988
secure.everyaction.com/	1969-12-31 23:59:59	Name: Value:
.secure.everyaction.com/	1970-01-19 07:43:25	Name: x-ms-routing-name Value: self
.everyaction.com/	1970-01-19 16:27:42	Name: visid_incap_823975 Value: eojVLRziSOSaUYhDBnT/MYKxWl4AAAAAQUIPAAAAAAA3Mh2n9yMfuXLMv0NGhKeD
.secure.everyaction.com/	1970-01-19 07:43:25	Name: TiPMix Value: 59.2981129229526
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_766_823975 Value: Ug2nQAwbgBGnkR4i/2GhCoKxWl4AAAAAE1rSHfAJHDEPRArgPTx6dw==
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_1392949 Value: d+ImLUA21RPkxKymuiPdvwAAAABJN4oJkbAqPtjmn7XAcsBQ
.secure.everyaction.com/	1970-01-20 01:14:33	Name: _ga Value: GA1.3.1915080780.1583001988
.everyaction.com/	1970-01-20 01:14:33	Name: _ga Value: GA1.2.1915080780.1583001988
.everyaction.com/	1970-01-19 16:27:42	Name: visid_incap_1392949 Value: 0EfXndETSiSQUHN61E30w4KxWl4AAAAAQUIPAAAAAABLZHomWwME7hoJw0xdTk9p
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: vsuCfThb8zrSRa4GOu0ZEgAAAACO3HW342snejybUbvCe7hZ

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading: 213.2470703125ms
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 0: HeaderHtml
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 1: FooterHtml
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 2: submitForm
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 3: ContributionInformation
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 4: ContactInformation
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 5: PaymentInformation
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 19) Message: 6: Interests
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 89) Message: true -- true
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing: 30.659912109375ms
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 171) Message: no memTY
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render: 120.910888671875ms
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 202) Message: {"fill_dict":{"SelectAmount":"18.00","IsRecurring":false,"SelectedFrequency":"4","Country":"US","Interest_4375316":true,"ProcessingCurrency":"USD","Amount":"18.00","YesSignMeUpForUpdatesForBinder":true,"SuggestedAmount":"18.00","_source":"None","_value_sources":{"ProcessingCurrency":"defaults","Amount":"defaults","IsRecurring":"defaults","Country":"defaults","YesSignMeUpForUpdatesForBinder":"defaults","Interest_4375316":"defaults","SelectAmount":"defaults","SuggestedAmount":"defaults"}},"fill_source":"None"}
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill: 8.614990234375ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form: 386.478271484375ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 411.765869140625ms
console-api	log	URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/themes/EA_Callbacks_Embed_Donate.js(Line 202) Message: {"fill_dict":{"SelectAmount":"18.00","IsRecurring":false,"SelectedFrequency":"4","Country":"US","Interest_4375316":true,"ProcessingCurrency":"USD","Amount":"18.00","YesSignMeUpForUpdatesForBinder":true,"SuggestedAmount":"18.00","_source":"None","_value_sources":{"ProcessingCurrency":"defaults","Amount":"defaults","IsRecurring":"defaults","Country":"defaults","YesSignMeUpForUpdatesForBinder":"defaults","Interest_4375316":"defaults","SelectAmount":"defaults","SuggestedAmount":"defaults"}},"fill_source":"None"}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
checkout.paypal.com
click.everyaction.com
client-analytics.braintreegateway.com
code.jquery.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
payments.braintree-api.com
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
13.224.194.11
143.204.101.72
143.204.98.175
152.199.19.160
2001:4de0:ac19::1:b:3a
2600:9000:20eb:3a00:12:303c:8700:21
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:81a::200e
2a00:1450:4001:81c::2008
2a00:1450:400c:c00::9d
2a03:2880:f02d:12:face:b00c:0:3
3.137.39.162
45.60.33.183
51.140.6.23
52.239.157.138
88.221.63.221
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
178472c41d58ab292d43b56d6ca6c8d014522b947af4e0252a012a333fa06e0a
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1e52d749ca33a4900f7618270d0832249e4f892c31ee1f3051d93d3533617a17
3c88defaf4bcd1430396d74e3cdc4d4a366b775b709e948d351ee61da249cdc3
41016289e5a7829fb7eaf56232ae725d65264bfbfda98bb094effb883c671bf8
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
4bfc0ee0755966465d8c3c47bc1c72680e0955320aeca408a279c78e836d5ca2
51fa3b98f0d6164e770706af798f652d08622376f78bb682332cbef7f4244cec
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
58dd92b26521eecae86002911ed654348aa10eb962dc3854582caa5643e792ef
62c8512b27ff9cbb23f96fd433e159b270bf3a75571a76b8428a4effc21effe0
68ecf5b9378d0039f59383754118ff3836aa300e83122d7db90209342e09048b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8deef07a5609f678e89f2354c5617c22165f03ead7e0bd3428b8e800b5667f6e
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
9256cf3a8810fee8eebf019c2e818fdc4b0b17a3f0bd886561938616c9123da4
9d3027bdc2a09d45d2398cc69aaecccb13cae262460a5d502e6ea289f421f1db
ab8122460b24a6f0076ca9d12295ca427d186a4071abe3671b40480a187f9c2f
adf6b1919f467d8f58e8b886461a1ff02fef71d3249a97dad499874f101ee739
b0c43063e9e97811ce1c929675bd32811eb674f0e154e3d816ac24da71800c41
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
d972cb3eb8727e4f2ea30aed262d195a0e504e8d63359e268139931f0c64d253
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b0cb17862dc210b7118bc21e60db77fae45fe6ebce128b0427bca031fd3010
e46cbb8f63b007fb660300b70d94f706b7467ab2699640ddef774f4b35d44e62
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
f22c6ae24b608e03249eb0be489e3a53d748b3190582772405ffb93ed12a70b8
f6f7a8acc64a0c3bd7b7536000c96f8cfaec36a676f27d08847e97f33348b538
fb90c26ada2b084026ba27cddc8182f381ec667afbd5b5ff98f27c38c05142ab
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

secure.everyaction.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

67 Requests

100 %HTTPS

44 %IPv6

16 Domains

20 Subdomains

17 IPs

7 Countries

1006 kBTransfer

2696 kBSize

20 Cookies

12 Outgoing links

Page URL History

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.everyaction.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

100 %
HTTPS

44 %
IPv6

16
Domains

20
Subdomains

17
IPs

7
Countries

1006 kB
Transfer

2696 kB
Size

20
Cookies

67 HTTP transactions
2 data transactions