urlscan.io logo urlscan.io
SecurityTrails logo

secure.everyaction.com Open in urlscan Pro
45.60.31.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://russiacoverup.com/
Effective URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Submission: On March 03 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 1 countries across 11 domains to perform 37 HTTP transactions. The main IP is 45.60.31.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.everyaction.com. The Cisco Umbrella rank of the primary domain is 49337.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 28th 2020. Valid for: 2 years.
This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.225.221.67 16509 (AMAZON-02)
11 45.60.31.183 19551 (INCAPSULA)
3 2607:f8b0:400... 15169 (GOOGLE)
4 2600:9000:21e... 16509 (AMAZON-02)
1 52.239.157.138 8075 (MICROSOFT...)
1 13.225.221.52 16509 (AMAZON-02)
1 2606:2800:11f... 15133 (EDGECAST)
12 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:402... 15169 (GOOGLE)
2 20.42.73.154 8075 (MICROSOFT...)
37 9
1    13.225.221.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-67.jfk51.r.cloudfront.net
russiacoverup.com
11    45.60.31.183 (United States)

ASN19551 (INCAPSULA, US)
secure.everyaction.com
profile.ngpvan.com
secure.ngpvan.com
3    2607:f8b0:4006:80f::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:9000:21ec:8000:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)
d3rse9xjbp8270.cloudfront.net
1    52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
1    13.225.221.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-221-52.jfk51.r.cloudfront.net
js.verygoodvault.com
1    2606:2800:11f:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
12    2607:f8b0:4006:820::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4023:1407::9b (Columbus, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    20.42.73.154 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
12 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
8 everyaction.com
secure.everyaction.com — Cisco Umbrella Rank: 49337
30 KB
4 cloudfront.net
d3rse9xjbp8270.cloudfront.net
278 KB
3 ngpvan.com
profile.ngpvan.com — Cisco Umbrella Rank: 49431
secure.ngpvan.com — Cisco Umbrella Rank: 56800
3 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
124 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 857
282 B
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
465 B
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 1652
40 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 65676
24 KB
1 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 47984
490 KB
1 russiacoverup.com
russiacoverup.com
671 B
37 11
Domain Requested by
12 www.google-analytics.com www.googletagmanager.com
az416426.vo.msecnd.net
secure.everyaction.com
8 secure.everyaction.com secure.everyaction.com
az416426.vo.msecnd.net
4 d3rse9xjbp8270.cloudfront.net secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
3 www.googletagmanager.com secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
2 stats.g.doubleclick.net az416426.vo.msecnd.net
1 secure.ngpvan.com az416426.vo.msecnd.net
1 az416426.vo.msecnd.net secure.everyaction.com
1 js.verygoodvault.com secure.everyaction.com
1 nvlupin.blob.core.windows.net secure.everyaction.com
1 russiacoverup.com 1 redirects
37 12

This site contains links to these domains. Also see Links.

Domain
www.americanprogressaction.org
www.everyaction.com
Subject Issuer Validity Valid
*.everyaction.com
RapidSSL TLS RSA CA G1		 2020-05-28 -
2022-05-28		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2022-02-18 -
2023-02-18		 a year crt.sh
*.verygoodvault.com
Amazon		 2022-02-17 -
2023-03-18		 a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.ngpvan.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-30 -
2023-01-14		 a year crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2022-02-08 -
2023-02-08		 a year crt.sh

This page contains 1 frames:

Primary Page: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Frame ID: 38BD6677AEA913B19BA5383E1B86D774
Requests: 36 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Stop the Cover-Up!

Page URL History Show full URLs

  1. http://russiacoverup.com/ HTTP 301
    https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

37
Requests

100 %
HTTPS

50 %
IPv6

11
Domains

12
Subdomains

9
IPs

1
Countries

1010 kB
Transfer

2273 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://russiacoverup.com/ HTTP 301
    https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

37 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 1O94vYiGjkuZ5yhJaY6tZg2
secure.everyaction.com/
Redirect Chain
  • http://russiacoverup.com/
  • https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
c4fdf72e340035fe3fa3765abf9ddea369d6a54bfd30847df6f2eb927c41bf28
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Cache-Control
public, max-age=10
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Thu, 03 Mar 2022 00:10:11 GMT
X-CDN
Imperva
Transfer-Encoding
chunked
X-Iinfo
6-29641084-29641133 NNNY CT(7 18 0) RT(1646266211704 117) q(0 0 0 2) r(0 0) U18

Redirect headers

Content-Type
application/json
Content-Length
54
Connection
keep-alive
Date
Sun, 27 Feb 2022 03:50:47 GMT
x-amzn-RequestId
52be912c-adb4-4db9-bcaf-71037bfdacdb
x-amz-apigw-id
OLs7uFBwIAMF_SQ=
Location
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
X-Amzn-Trace-Id
Root=1-621af517-06558c0b3bcef14e16c3b182;Sampled=0
Via
1.1 d93f61c3371a812d64846df2034f9796.cloudfront.net (CloudFront), 1.1 a3974a97ba504b481cfb8868c9d58588.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD79-C3 JFK51-C1
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
ie7vb8hj_tn6jgSrOBGGr9Dno_R9FltRq3LzPkPZGy9t01ppjhgxcQ==
Age
332364
js
www.googletagmanager.com/gtag/ 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-114555391-1
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
34c81efb21f9f282a97569e0df0543c1f1a206320032abead93fe24c07a108d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 00:10:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37536
x-xss-protection
0
expires
Thu, 03 Mar 2022 00:10:12 GMT
published.css
secure.everyaction.com/Content/css/forms/ 		389 B
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Content/css/forms/published.css
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 00:10:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 23 Feb 2022 21:31:52 GMT
X-CDN
Imperva
Etag
"094a1c5fc28d81:0"
Content-Type
text/css
X-Iinfo
6-29641084-29640568 2VNN RT(1646266211704 214) q(0 0 0 -1) r(0 0)
Access-Control-Expose-Headers
Request-Context
Content-Length
237
at.js
d3rse9xjbp8270.cloudfront.net/ 		843 KB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
661f47192b63c48d731b85a0c4b9e6885263daddd9c336346f818e0c769c1513

Request headers

Referer
https://secure.everyaction.com/
Origin
https://secure.everyaction.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:33:46 GMT
content-encoding
gzip
age
30986
x-cache
Hit from cloudfront
content-length
245554
access-control-allow-origin
*
last-modified
Tue, 01 Mar 2022 15:33:08 GMT
server
AmazonS3
etag
"24637e09daf71b560680722394d5050f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 b6cc1359c0cd55a8339441d8abb6a450.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
7YpeWBrbEkDTkiZix9RRGsASrkXcfl2kB6CquFIgg2bVXBSTrvXjOw==
at.min.css
d3rse9xjbp8270.cloudfront.net/ 		111 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cdc3685ae1124e0c0529f9e005148ca3a031b5a41920f9066cedac74939a8b18

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:34:09 GMT
content-encoding
gzip
age
30964
x-cache
Hit from cloudfront
content-length
20669
access-control-allow-origin
*
last-modified
Tue, 01 Mar 2022 15:33:08 GMT
server
AmazonS3
etag
"943a31f5bd190d32f4db67407117161c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 7787c17f7e39468ee68e2078b8b5894e.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
Wsw489dRIATanr92U14LPEmMl86X3bX0jT8RYrDOZtTE5zY_3y75OQ==
script-error
secure.everyaction.com/js/ 		246 B
624 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 03 Mar 2022 00:10:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 01 Mar 2022 17:12:51 GMT
X-CDN
Imperva
Content-Type
text/javascript; charset=utf-8
X-Iinfo
6-29641160-29636762 2VNN RT(1646266211934 17) q(0 0 0 -1) r(0 0)
Access-Control-Expose-Headers
Request-Context
Cache-Control
max-age=31424559, public
Content-Length
174
Expires
Wed, 01 Mar 2023 17:12:50 GMT
BANNER_7.jpg
nvlupin.blob.core.windows.net/images/van/EA/EA002/1/60768/images/QuitTheCoverup/ 		489 KB
490 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/EA/EA002/1/60768/images/QuitTheCoverup/BANNER_7.jpg
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a8a25df8d6a6c022b0920422b7e5b093bc0acd6984da5ee44c0bc39e51ff3e6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Thu, 03 Mar 2022 00:10:12 GMT
Last-Modified
Wed, 21 Feb 2018 15:35:47 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag
0x8D57940C77E6A33
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
x-ms-request-id
3d182b98-501e-0060-7093-2e54da000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
500949
AC2nt8erbFu3svSWxmyTZr1b.js
js.verygoodvault.com/vgs-collect/1/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.221.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-221-52.jfk51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Referer
https://secure.everyaction.com/
Origin
https://secure.everyaction.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Wed, 02 Mar 2022 12:42:23 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
41270
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:03:51 GMT
Server
AmazonS3
ETag
W/"f3cecf4193fb217244937c56bee4b1b6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
x-amz-version-id
MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Via
1.1 b0a0e0d22a21f33ff74219a7ecf1d55e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
JFK51-C1
Content-Type
application/javascript
X-Amz-Cf-Id
a8-MzclBxRUcVpp2L4sUr1bWnRrgOj8Uv_rconDBmOY1VBBIxE2P_g==
_Incapsula_Resource
secure.everyaction.com/ 		142 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1271452594
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
1034841185d873122d31632154b3583f09a3ca204ba38ce3ded11477af641f2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
20389
Content-Type
application/javascript
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		120 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:11f:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nya/78CA) /
Resource Hash
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 03 Mar 2022 00:10:12 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-07 00:07:47
content-md5
kIbzAcz/m2O65DekgfwJzw==
age
594
x-cache
HIT
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.7.4.min.js
content-length
40497
x-ms-lease-status
unlocked
last-modified
Wed, 02 Mar 2022 20:08:25 GMT
server
ECAcc (nya/78CA)
x-ms-meta-aijssdkver
2.7.4
etag
0x8D9FC8868AFB46B
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
cf4d6535-e01e-002f-1f91-2ee5be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-version
2009-09-19
expires
Thu, 03 Mar 2022 00:40:12 GMT
gtm.js
www.googletagmanager.com/ 		124 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0778f92bb67c24686be5afea10e55d9f71c73fcd3ce4ea35055717ad785fcd70
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 00:10:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45617
x-xss-protection
0
expires
Thu, 03 Mar 2022 00:10:12 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-114555391-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
5354
date
Wed, 02 Mar 2022 22:40:58 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 03 Mar 2022 00:40:58 GMT
_Incapsula_Resource
secure.everyaction.com/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8788887541307939
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
collect
www.google-analytics.com/j/ 		1 B
148 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1194961603&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1456308612&gjid=1420558218&cid=2076675640.1646266213&tid=UA-114555391-1&_gid=1563729429.1646266213&_r=1&gtm=2ou2s0&z=115070946
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 00:10:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-62682497-4&cid=2076675640.1646266213&jid=252668048&gjid=1208462920&_gid=1563729429.1646266213&_u=YGDAgUABAAAAAG~&z=123158913
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 03 Mar 2022 00:10:12 GMT
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAgUABAAAAAC~&jid=252668048&gjid=1208462920&cid=2076675640.1646266213&tid=UA-62682497-4&_gid=1563729429.1646266213&gtm=2wg2s0PM473M&z=184141509
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 03:21:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74947
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
identity
profile.ngpvan.com/ 		72 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
5c9b6f83e04e88e36ddae018d43e55d8dde0fa95b1183179fbe0add49cad0082
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 00:10:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo
13-156998102-156998104 NNNN CT(-1 -1 2) RT(1646266212308 0) q(0 0 0 1) r(0 0) U5
x-cdn
Imperva
content-type
text/javascript; charset=utf-8
content-length
194
etag
W/"48-a0vKlBPw2Jvl6s0ApFarzjccKpo"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
gtm.js
www.googletagmanager.com/ 		117 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d6275d12912aedc43c2ba315e38cc26349b9cddd2dab8a95a8e380b9435cd4e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 00:10:12 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42899
x-xss-protection
0
expires
Thu, 03 Mar 2022 00:10:12 GMT
extra.min.css
d3rse9xjbp8270.cloudfront.net/ 		93 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
afac0220aaeeb1d3b62792f5adcea5036973f66a5638bae3da3f39f732ccd28b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 02 Mar 2022 15:34:09 GMT
content-encoding
gzip
age
30964
x-cache
Hit from cloudfront
content-length
15866
access-control-allow-origin
*
last-modified
Tue, 01 Mar 2022 15:33:08 GMT
server
AmazonS3
etag
"c73f29a24c367300d6a95392a312d47f"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 7787c17f7e39468ee68e2078b8b5894e.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
gLmbY0pJZXA_IRVUWissOMP0yrBchO9liPgBQjmFWNzK1WZLM6ibdw==
1O94vYiGjkuZ5yhJaY6tZg2
secure.everyaction.com/v1/Forms/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/v1/Forms/1O94vYiGjkuZ5yhJaY6tZg2
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
d8a96221a8dee726b32af4f50953cff61b7d0bb63bfa41a29b021e55d71b24ea
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Request-Id
|6ed95c83603c4c799f439de679b1a1db.79c7014169af45f3
X-Requested-With
XMLHttpRequest
traceparent
00-6ed95c83603c4c799f439de679b1a1db-79c7014169af45f3-01
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Thu, 03 Mar 2022 00:10:12 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
X-Iinfo
6-29641160-29641133 PNNy RT(1646266211934 345) q(0 0 0 -1) r(1 1) U18
Access-Control-Expose-Headers
Request-Context
Cache-Control
public, max-age=10
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Vary
Origin,Accept-Encoding
Content-Length
1791
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
ngpvan-logo-16.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/ngpvan-logo-16.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ec:8000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Feb 2022 02:13:25 GMT
via
1.1 7787c17f7e39468ee68e2078b8b5894e.cloudfront.net (CloudFront)
age
856608
x-cache
Hit from cloudfront
content-length
617
last-modified
Thu, 03 Oct 2019 17:12:46 GMT
server
AmazonS3
etag
"3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
JFK51-C1
accept-ranges
bytes
x-amz-cf-id
1S8iTH03gOGq93UfpTBJDruDCKknZvlFZHn44TK_SwBO6OjeDocbXg==
1O94vYiGjkuZ5yhJaY6tZg2
secure.everyaction.com/v1/Track/ 		0
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/v1/Track/1O94vYiGjkuZ5yhJaY6tZg2?formSessionId=030f9038-0623-4319-916d-7da77e541616&bName=chrome&dType=desktop&fUrl=aHR0cHM6Ly9zZWN1cmUuZXZlcnlhY3Rpb24uY29tLzFPOTR2WWlHamt1WjV5aEphWTZ0Wmcy&fRef=
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Thu, 03 Mar 2022 00:10:12 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
6-29641160-29641133 SNNy RT(1646266211934 614) q(0 0 0 -1) r(0 0) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
nvtag
profile.ngpvan.com/v2/data/VxjULz2CeIe0HBWj6nKZGSEY/ 		2 B
960 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/VxjULz2CeIe0HBWj6nKZGSEY/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 03 Mar 2022 00:10:12 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.everyaction.com
x-iinfo
13-156998186-156998187 PNNN RT(1646266212859 0) q(0 0 0 -1) r(0 0) U5
access-control-allow-credentials
true
content-length
123
x-cdn
Imperva
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1194961603&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=241&_u=aGHAAUABAAAAAG~&jid=1630620573&gjid=1235244577&cid=2076675640.1646266213&tid=UA-28243511-22&_gid=1563729429.1646266213&_r=1&gtm=2wg2s05L2FSL&z=17466414
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 03 Mar 2022 00:10:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-28243511-23&cid=2076675640.1646266213&jid=884499613&gjid=1730294274&_gid=1563729429.1646266213&_u=aGHAgUABAAAAAG~&z=602431457
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1407::9b Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 03 Mar 2022 00:10:13 GMT
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgUABAAAAAG~&jid=884499613&gjid=1730294274&cid=2076675640.1646266213&tid=UA-28243511-23&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FEA%2FEA002%2F1%2F60768&cd3=4411211&cd4=1031719&cd5=Petition%3A%20Russia%20Cover-Up&cd6=1O94vYiGjkuZ5yhJaY6tZg2&z=593862583
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PetitionForm&ea=Form%20Load&el=Minimal&ev=6&_u=aGHAgUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-28243511-23&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FEA%2FEA002%2F1%2F60768&cd3=4411211&cd4=1031719&cd5=Petition%3A%20Russia%20Cover-Up&cd6=1O94vYiGjkuZ5yhJaY6tZg2&z=2040057102
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=4&_u=aGHAAUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-28243511-22&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&z=881637544
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=20&_u=aGHAAUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-28243511-22&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&z=1925632783
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=4&_u=aGHAAUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-28243511-22&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&z=1991792354
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=270&_u=aGHAAUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-28243511-22&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&z=1272331580
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=305&_u=aGHAAUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-28243511-22&_gid=1563729429.1646266213&gtm=2wg2s05L2FSL&z=2039290587
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
VxjULz2CeIe0HBWj6nKZGSEY
secure.everyaction.com/Databag/Profile/ 		0
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/VxjULz2CeIe0HBWj6nKZGSEY
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/1O94vYiGjkuZ5yhJaY6tZg2
Request-Id
|6ed95c83603c4c799f439de679b1a1db.c9c9874243004cf7
traceparent
00-6ed95c83603c4c799f439de679b1a1db-c9c9874243004cf7-01
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Imperva
Date
Thu, 03 Mar 2022 00:10:12 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
6-29641160-29641133 SNNy RT(1646266211934 971) q(0 0 0 -1) r(0 0) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
VxjULz2CeIe0HBWj6nKZGSEY
secure.ngpvan.com/Databag/Profile/ 		0
917 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/VxjULz2CeIe0HBWj6nKZGSEY
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.31.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cdn
Imperva
date
Thu, 03 Mar 2022 00:10:13 GMT
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://secure.everyaction.com
x-iinfo
13-156998196-156998207 NNNY CT(7 17 0) RT(1646266213337 0) q(0 0 0 29) r(1 1) U11
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1194961603&t=timing&_s=2&dl=https%3A%2F%2Fsecure.everyaction.com%2F1O94vYiGjkuZ5yhJaY6tZg2&ul=en-us&de=UTF-8&dt=Stop%20the%20Cover-Up!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1688&pdt=4&dns=30&rrt=85&srt=97&tcp=461&dit=973&clt=973&_gst=828&_gbt=977&_cst=701&_cbt=822&_u=aGHAgUABAAAAAG~&jid=&gjid=&cid=2076675640.1646266213&tid=UA-62682497-4&_gid=1563729429.1646266213&gtm=2wg2s0PM473M&z=816825568
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Mar 2022 22:50:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4796
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.154 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://secure.everyaction.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Thu, 03 Mar 2022 00:10:13 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		98 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.42.73.154 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fe1f3318c29bad1a8b03f348b5e0749aedb2583c7d5c17d98b7b00b8b696216f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/
Accept-Language
en-CA,en;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
96A35726-D3F1-4D21-8496-6710213C4480
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Thu, 03 Mar 2022 00:10:13 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
98

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| gtag object| dataLayer string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| handleScriptLoadError object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| e function| t object| Microsoft object| gaplugins object| gaGlobal object| gaData object| Backbone function| _jqjsp object| atLayer object| _gaq object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| formview

22 Cookies

Domain/Path Name / Value
.everyaction.com/ Name: visid_incap_823975
Value: l5LKYkuqTni9Ezud6+1XuWMHIGIAAAAAQUIPAAAAAACfwWxsOUc/37NvrUK4xlH1
.everyaction.com/ Name: nlbi_823975
Value: xdp2QzAvCVKIb+HgxwoUeQAAAAD05GlguVj9dc8ukJbRY2R5
.everyaction.com/ Name: incap_ses_1465_823975
Value: N5ZxRDg6bX3LzfE96blUFGMHIGIAAAAAee+NvqTkE4eqVmhz326rOw==
.secure.everyaction.com/ Name: TiPMix
Value: 14.7599144907482
.secure.everyaction.com/ Name: x-ms-routing-name
Value: self
secure.everyaction.com/ Name: ai_user
Value: GRmUZkL+aaedanHsof18Nb|2022-03-03T00:10:12.563Z
.everyaction.com/ Name: _ga
Value: GA1.2.2076675640.1646266213
.everyaction.com/ Name: _gid
Value: GA1.2.1563729429.1646266213
.everyaction.com/ Name: _gat_gtag_UA_114555391_1
Value: 1
.secure.everyaction.com/ Name: _ga
Value: GA1.3.2076675640.1646266213
.secure.everyaction.com/ Name: _gid
Value: GA1.3.1563729429.1646266213
.secure.everyaction.com/ Name: _dc_gtm_UA-62682497-4
Value: 1
secure.everyaction.com/ Name: ai_session
Value: mnh/DPubK34YgKECYHm7TG|1646266212666|1646266212666
.profile.ngpvan.com/ Name: TiPMix
Value: 20.6145055222393
.profile.ngpvan.com/ Name: x-ms-routing-name
Value: self
profile.ngpvan.com/ Name: ngpvanuser
Value: VxjULz2CeIe0HBWj6nKZGSEY
.everyaction.com/ Name: _gat_UA-28243511-22
Value: 1
.everyaction.com/ Name: _dc_gtm_UA-28243511-23
Value: 1
.everyaction.com/ Name: ProfileDatabagId
Value: VxjULz2CeIe0HBWj6nKZGSEY
.secure.ngpvan.com/ Name: TiPMix
Value: 23.1459070570515
.secure.ngpvan.com/ Name: x-ms-routing-name
Value: self
.ngpvan.com/ Name: ProfileDatabagId
Value: VxjULz2CeIe0HBWj6nKZGSEY

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
profile.ngpvan.com
russiacoverup.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
13.225.221.52
13.225.221.67
20.42.73.154
2600:9000:21ec:8000:12:303c:8700:21
2606:2800:11f:1cb7:261b:1f9c:2074:3c
2607:f8b0:4006:80f::2008
2607:f8b0:4006:820::200e
2607:f8b0:4023:1407::9b
45.60.31.183
52.239.157.138
0778f92bb67c24686be5afea10e55d9f71c73fcd3ce4ea35055717ad785fcd70
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64
1034841185d873122d31632154b3583f09a3ca204ba38ce3ded11477af641f2a
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
34c81efb21f9f282a97569e0df0543c1f1a206320032abead93fe24c07a108d6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
5a8a25df8d6a6c022b0920422b7e5b093bc0acd6984da5ee44c0bc39e51ff3e6
5c9b6f83e04e88e36ddae018d43e55d8dde0fa95b1183179fbe0add49cad0082
661f47192b63c48d731b85a0c4b9e6885263daddd9c336346f818e0c769c1513
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
afac0220aaeeb1d3b62792f5adcea5036973f66a5638bae3da3f39f732ccd28b
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
c4fdf72e340035fe3fa3765abf9ddea369d6a54bfd30847df6f2eb927c41bf28
cdc3685ae1124e0c0529f9e005148ca3a031b5a41920f9066cedac74939a8b18
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d6275d12912aedc43c2ba315e38cc26349b9cddd2dab8a95a8e380b9435cd4e1
d8a96221a8dee726b32af4f50953cff61b7d0bb63bfa41a29b021e55d71b24ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fe1f3318c29bad1a8b03f348b5e0749aedb2583c7d5c17d98b7b00b8b696216f
feb5a95f889fd1ecdabaab0aece26b232bdb83017971c4636dce99105898f318