win.emilyslist.org Open in urlscan Pro
99.86.2.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://emilysli.st/e17
Effective URL:
https://win.emilyslist.org/a/20210525_textb_onnotice
Submission: On May 26 via api (May 26th 2021, 7:54:54 am UTC) from US

Summary HTTP 65 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 15 domains to perform 65 HTTP transactions. The main IP is 99.86.2.60, located in United States and belongs to AMAZON-02, US. The main domain is win.emilyslist.org.
TLS certificate: Issued by Amazon on April 22nd 2021. Valid for: a year.

This is the only time win.emilyslist.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	143.204.202.73 143.204.202.73	16509 (AMAZON-02) (AMAZON-02)
1 3	143.204.98.18 143.204.98.18	16509 (AMAZON-02) (AMAZON-02)
5	99.86.2.60 99.86.2.60	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:215... 2600:9000:2156:be00:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700::68... 2606:4700::6811:e04e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.239.157.138 52.239.157.138	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	44.236.75.251 44.236.75.251	16509 (AMAZON-02) (AMAZON-02)
7	143.204.98.2 143.204.98.2	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
7	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
2	13.69.106.212 13.69.106.212	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
2	54.157.254.222 54.157.254.222	14618 (AMAZON-AES) (AMAZON-AES)
65	17

2 143.204.202.73 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-73.fra53.r.cloudfront.net

emilysli.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net

emilyslist.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.2.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-2-60.fra6.r.cloudfront.net

win.emilyslist.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:be00:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:e04e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.236.75.251 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-75-251.us-west-2.compute.amazonaws.com

p.alocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-2.fra50.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.106.212 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.157.254.222 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-254-222.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	google-analytics.com www.google-analytics.com	39 KB
9	cloudfront.net d3rse9xjbp8270.cloudfront.net	450 KB
8	emilyslist.org 1 redirects emilyslist.org win.emilyslist.org	139 KB
7	verygoodvault.com js.verygoodvault.com	264 KB
6	googletagmanager.com www.googletagmanager.com	108 KB
6	fonts.net fast.fonts.net	102 KB
4	ngpvan.com profile.ngpvan.com fastaction.ngpvan.com secure.ngpvan.com	4 KB
3	everyaction.com secure.everyaction.com	10 KB
3	windows.net nvlupin.blob.core.windows.net	2 MB
2	verygood.systems vgs-collect-keeper.apps.verygood.systems	313 B
2	doubleclick.net stats.g.doubleclick.net	109 B
2	visualstudio.com dc.services.visualstudio.com	236 B
2	alocdn.com 1 redirects p.alocdn.com	668 B
2	emilysli.st 2 redirects emilysli.st	759 B
1	msecnd.net az416426.vo.msecnd.net	38 KB
65	15

	Domain	Requested by
12	www.google-analytics.com	win.emilyslist.org www.google-analytics.com az416426.vo.msecnd.net www.googletagmanager.com
9	d3rse9xjbp8270.cloudfront.net	win.emilyslist.org d3rse9xjbp8270.cloudfront.net www.googletagmanager.com
7	js.verygoodvault.com	win.emilyslist.org js.verygoodvault.com
6	www.googletagmanager.com	win.emilyslist.org d3rse9xjbp8270.cloudfront.net
6	fast.fonts.net	win.emilyslist.org fast.fonts.net
5	win.emilyslist.org	win.emilyslist.org az416426.vo.msecnd.net
3	secure.everyaction.com	az416426.vo.msecnd.net
3	nvlupin.blob.core.windows.net	win.emilyslist.org
3	emilyslist.org	1 redirects nvlupin.blob.core.windows.net
2	vgs-collect-keeper.apps.verygood.systems	js.verygoodvault.com
2	stats.g.doubleclick.net	az416426.vo.msecnd.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	profile.ngpvan.com	d3rse9xjbp8270.cloudfront.net az416426.vo.msecnd.net
2	p.alocdn.com	1 redirects win.emilyslist.org
2	emilysli.st	2 redirects
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	d3rse9xjbp8270.cloudfront.net
1	az416426.vo.msecnd.net	win.emilyslist.org
65	18

This site contains links to these domains. Also see Links.

Domain
www.emilyslist.org
fastaction.ngpvan.com

Subject Issuer	Validity	Valid
emilyslist-oa.edge.targetedaction.net Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-06` - `2021-08-06`	a year	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2021-05-19` - `2022-05-19`	a year	crt.sh
*.alocdn.com Go Daddy Secure Certificate Authority - G2	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.verygoodvault.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
emilyslist.org Amazon	`2021-03-13` - `2022-04-11`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.ngpvan.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-01-14` - `2022-01-14`	a year	crt.sh
*.everyaction.com RapidSSL TLS RSA CA G1	`2020-05-28` - `2022-05-28`	2 years	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2021-04-21` - `2022-04-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
vgs-collect-keeper.apps.verygood.systems R3	`2021-05-01` - `2021-07-30`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://win.emilyslist.org/a/20210525_textb_onnotice
Frame ID: FEFA5D08E0F18902417387FCE0EA6BBC
Requests: 58 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2603839101296200591&formId=randomId26025790307237330357&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Frame ID: 29745AB2AE5D1F3CEE135CB471F3C266
Requests: 5 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2609771601123606493&formId=randomId26025790307237330357&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Frame ID: DC80EC1691B2C6372BE52F138F23D24C
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://emilysli.st/e17 HTTP 301
https://emilysli.st/e17 HTTP 301
https://emilyslist.org/go/e17 HTTP 301
https://win.emilyslist.org/a/20210525_textb_onnotice Page URL

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

65
Requests

100 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

17
IPs

4
Countries

3284 kB
Transfer

5278 kB
Size

6
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.emilyslist.org/
Title: EMILY's List

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.emilyslist.org/pages/entry/privacy-policy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://emilysli.st/e17 HTTP 301
https://emilysli.st/e17 HTTP 301
https://emilyslist.org/go/e17 HTTP 301
https://win.emilyslist.org/a/20210525_textb_onnotice Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://p.alocdn.com/c/4gadsb69/a/etarget/p.gif?label=emilyslist HTTP 302
https://p.alocdn.com/c/4gadsb69/a/etarget/p.gif?label=emilyslist&tdc=1&url=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice

65 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 20210525_textb_onnotice Show response
win.emilyslist.org/a/
Redirect Chain

http://emilysli.st/e17
https://emilysli.st/e17
https://emilyslist.org/go/e17
https://win.emilyslist.org/a/20210525_textb_onnotice

12 KB
6 KB

398ms
209ms

Document
text/html

99.86.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://win.emilyslist.org/a/20210525_textb_onnotice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-60.fra6.r.cloudfront.net

Software

Resource Hash

17b50dc12f68ab2a03ca9f97c6ce481c1252780a1a075416fbd0d7759da5d1ad

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: win.emilyslist.org
:scheme: https
:path: /a/20210525_textb_onnotice
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

content-type: text/html; charset=utf-8
cache-control: public, max-age=10
content-encoding: gzip
set-cookie: TiPMix=32.6669293607897; path=/; HttpOnly; Domain=edge-secure.everyaction.com; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=edge-secure.everyaction.com; Max-Age=3600; Secure SessionKeyCookie=; expires=Wed, 26-May-2021 11:54:32 GMT; path=/; Secure; SameSite=None nlbi_2302165=eXpWOx6ZsBrBJcd+qNOdBgAAAABJXMYZrdgpeo2HzyqWEVJc; path=/; Domain=.everyaction.com visid_incap_2302165=8sIwBiwWSPei3AqnVcE1qbf+rWAAAAAAQUIPAAAAAADPat3C5M5d9XrtCqA+DcC6; expires=Wed, 25 May 2022 16:05:45 GMT; HttpOnly; path=/; Domain=.everyaction.com incap_ses_535_2302165=NEnNG4hQZRH75DeGB7RsB7f+rWAAAAAAMUg+v5JkYMNUfBEXeRUy5Q==; path=/; Domain=.everyaction.com
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
access-control-expose-headers: Request-Context
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
date: Wed, 26 May 2021 07:54:31 GMT
x-cdn: Imperva
x-iinfo: 9-59371527-59249011 sNNN RT(1622015663180 8317) q(0 0 0 0) r(2 2) U18
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: YLJnA9Vuio1pvJuvq8NIDrpMdYp9QyAYWn6wD9VFpqI_ctH2iKJ1Ow==

Redirect headers

content-type: text/html
location: https://win.emilyslist.org/a/20210525_textb_onnotice
date: Wed, 26 May 2021 07:54:31 GMT
server: Apache
set-cookie: el__csrf_token=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; httponly el__csrf_token=318853d19a335a03dc95b47ac6e5616a86367cce; expires=Wed, 26-May-2021 09:54:31 GMT; path=/; httponly
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self';
x-cache: Miss from cloudfront
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: LLHNfubB1YxcvjC0AplQRwE2rGes2tbmUsn9MKiswtaLquU0L4JozQ==

GET
H2 200 at.js Show response
d3rse9xjbp8270.cloudfront.net/ 819 KB
232 KB 35ms
11ms Script
application/javascript 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ba90627f68e8ca7922393357f47d6c6fc746a5c7abb08545e5bdfe2331160e81

Request headers

Origin: https://win.emilyslist.org
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 25 May 2021 15:03:58 GMT
content-encoding: gzip
age: 60635
x-cache: Hit from cloudfront
content-length: 236726
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 15:03:54 GMT
server: AmazonS3
etag: "4644c1f0f3528689fe77baab08eb7f7e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: 6TVZzqJKgRZqdIMw_X6Dec6D0aYTU1aSWJQfO2eiMB36yllUqY0uPg==

GET
H2 200 at.min.css
d3rse9xjbp8270.cloudfront.net/ 111 KB
21 KB 32ms
8ms Stylesheet
text/css 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8c0ec387544b738a9776d4759b30a9f499b3515a67c9df54a72fb47f7b6243a

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 25 May 2021 15:04:01 GMT
content-encoding: gzip
age: 60632
x-cache: Hit from cloudfront
content-length: 20615
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 15:03:54 GMT
server: AmazonS3
etag: "6fdedd0241f45843bbc2c81346b689bf"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: rHNzIl-NSoMOtzOpX6bIKvq1YXXhOPe3zqGZ0847-7V3YP2sFLA3vg==

GET
H2 200 f47d9bb0-4b16-4bd8-bf76-4d42c856a86a.js Show response
fast.fonts.net/jsapi/ 9 KB
4 KB 498ms
482ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/f47d9bb0-4b16-4bd8-bf76-4d42c856a86a.js
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 311c29c826afcd2099f906a06381f46ffde6c0159a1f7cc20e37a2584f2a7e7c

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 3M9D0A6V8XTT3629
x-amz-id-2: bBaC5bdr+rNi7nRN1+FZgSGMr+EWsoxMSgYYTciH/FjYYxhk2G0rHqiyjWEl5ArxJOxlbLhqNqg=
last-modified: Sat, 02 Jan 2021 08:15:16 GMT
server: cloudflare
etag: W/"62b5ab37a39f52fe5afefa7d591403f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Wed, 26 May 2021 11:54:33 GMT
cache-control: public, max-age=14400
cf-request-id: 0a4944197900004e9e4980d000000001
cf-ray: 65556fa25d164e9e-FRA
x-amz-meta-mtime: 1608589702

GET
H/1.1 200
OK ea-lp-styles.css
nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/css/ 106 KB
107 KB 650ms
154ms Stylesheet
text/css 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/css/ea-lp-styles.css
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1eab213116a939568cf62f694878a9b532a065ff2bfbabd65b4537d5b9a5b385

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 May 2021 07:54:33 GMT
Last-Modified: Fri, 14 May 2021 22:34:23 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D917286C3E92A5
Content-Type: text/css
Access-Control-Allow-Origin: *
x-ms-request-id: 5f62c9da-c01e-0107-0304-52a128000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 108955

GET
H2

200

p.gif
p.alocdn.com/c/4gadsb69/a/etarget/
Redirect Chain

https://p.alocdn.com/c/4gadsb69/a/etarget/p.gif?label=emilyslist
https://p.alocdn.com/c/4gadsb69/a/etarget/p.gif?label=emilyslist&tdc=1&url=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice

42 B
351 B

226ms
226ms

Image
image/gif

44.236.75.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.alocdn.com/c/4gadsb69/a/etarget/p.gif?label=emilyslist&tdc=1&url=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.236.75.251 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-75-251.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

Redirect headers

location: /c/4gadsb69/a/etarget/p.gif?label=emilyslist&tdc=1&url=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice
date: Wed, 26 May 2021 07:54:33 GMT
server: nginx/1.18.0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/GIF

GET
H2 200 script-error Show response
win.emilyslist.org/js/ 246 B
819 B 87ms
86ms Script
text/javascript 99.86.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://win.emilyslist.org/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-60.fra6.r.cloudfront.net
Software: /
Resource Hash: b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c

Request headers

:path: /js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
pragma: no-cache
cookie: SessionKeyCookie=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: win.emilyslist.org
referer: https://win.emilyslist.org/a/20210525_textb_onnotice
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:32 GMT
content-encoding: gzip
last-modified: Wed, 19 May 2021 21:46:53 GMT
x-cdn: Imperva
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-iinfo: 3-30028635-0 0CNN RT(1622015672251 1) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=30981141, public
set-cookie: visid_incap_2302165=JQPlh1QwQxmKyTeCNXnNfrj+rWAAAAAAQUIPAAAAAAByLeEZjVokY68Icp7fNfXc; expires=Wed, 25 May 2022 17:48:28 GMT; HttpOnly; path=/; Domain=.everyaction.com incap_ses_246_2302165=8Ll2UOXWfi17PZIvBvhpA7j+rWAAAAAA2N8lt54XyjzHi/0z74cuSg==; path=/; Domain=.everyaction.com
content-length: 174
x-amz-cf-id: TWOKJCuaLJRuXJGzbxbtl-pyET00Inus9Ic7t_w0YvuZh3QPTu3yyQ==
expires: Thu, 19 May 2022 21:46:53 GMT

GET
H/1.1 200
OK AC2nt8erbFu3svSWxmyTZr1b.js Show response
js.verygoodvault.com/vgs-collect/1/ 76 KB
24 KB 217ms
58ms Script
application/javascript 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Origin: https://win.emilyslist.org
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding: gzip
ETag: W/"f3cecf4193fb217244937c56bee4b1b6"
Age: 63541
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:03:51 GMT
Server: AmazonS3
Date: Tue, 25 May 2021 16:01:38 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: -6Uj-fY5atuDlpqubl_3rFzj6AErSFY96rWKNBvRaoXjL45rdZAeVg==

GET
H2 200 _Incapsula_Resource Show response
win.emilyslist.org/ 141 KB
21 KB 95ms
93ms Script
application/javascript 99.86.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://win.emilyslist.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=177307751
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-60.fra6.r.cloudfront.net
Software: /
Resource Hash: 5b61c92c98d8dbc8a7b3e3f251b5c7d0e3bab93228c929ff9247427c887ac7c1

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=177307751
pragma: no-cache
cookie: SessionKeyCookie=
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: win.emilyslist.org
referer: https://win.emilyslist.org/a/20210525_textb_onnotice
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: gzip
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
cache-control: no-cache, no-store
set-cookie: visid_incap_2302165=JQPlh1QwQxmKyTeCNXnNfrj+rWAAAAAAQUIPAAAAAAByLeEZjVokY68Icp7fNfXc; expires=Wed, 25 May 2022 17:48:29 GMT; HttpOnly; path=/; Domain=.everyaction.com incap_ses_246_2302165=6mNeLtsYvm97PZIvBvhpA7j+rWAAAAAAhv4ThDDiOPLP3B78Rj5zpw==; path=/; Domain=.everyaction.com
x-robots-tag: noindex
content-length: 20602
x-amz-cf-id: hyk4bLmzbIm01c79p-QmGqIU1z9pGY9MVbw4yC5AhhSVVElMj6bX6Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 94 KB
33 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M62C5J

Requested by

Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0f78104ad0aee78370223f1cb4a1d60b5abdc42193183c1dbe90d48edc5f787a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33986
x-xss-protection: 0
last-modified: Wed, 26 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 07:54:33 GMT

GET
H2 200 mt_otf.js Show response
fast.fonts.net/jsapi/core/ 70 KB
23 KB 22ms
20ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/core/mt_otf.js
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/f47d9bb0-4b16-4bd8-bf76-4d42c856a86a.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8f8835ea74f1cdfc77294c6b9296954273d3156cc2352ecbcbe6c7fa1d2d3873

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5038
x-amz-request-id: PRHE2V5GKDR391VP
x-amz-id-2: TikRd+OTga0T30/gcF99lkJ9gLTRHLHf9+yoIVmM2e2wrjHLIc+cCcL+njcbVoReh8CPQMXJ30Q=
last-modified: Sat, 02 Jan 2021 08:52:38 GMT
server: cloudflare
etag: W/"b2257c5eec9a06ecd7b80c55c5a47392"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Wed, 26 May 2021 11:54:33 GMT
cache-control: public, max-age=14400
cf-request-id: 0a49441b5f00004e9e72b2d000000001
cf-ray: 65556fa56b5a4e9e-FRA
x-amz-meta-mtime: 1556088861

GET
H2 200 otf_1167145OTFFeatDisabled.js Show response
fast.fonts.net/jsapi/otjs/2313d6f6-6131-401c-9bcd-4a0f5ee781b7/ 3 KB
1 KB 481ms
480ms Script
text/plain 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/jsapi/otjs/2313d6f6-6131-401c-9bcd-4a0f5ee781b7/otf_1167145OTFFeatDisabled.js
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/core/mt_otf.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f9a923144f0760adcea2115cb915ff5b79302118e6005d8095a6db62cf95339

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: V672Q34R2V7VESJH
x-amz-id-2: VGw0+cZFwTlyWu1xjWwlarBmfeD9+ThOuExNd0Jo0y5UP59YLCkFbgdl34j1UHV46IOkAN5DYUQ=
last-modified: Sat, 02 Jan 2021 11:06:58 GMT
server: cloudflare
etag: W/"af3265a853f93498fbc88e010f2fcde9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
expires: Wed, 26 May 2021 11:54:33 GMT
cache-control: public, max-age=14400
cf-request-id: 0a49441b7e00004e9e86020000000001
cf-ray: 65556fa59bc34e9e-FRA
x-amz-meta-mtime: 1391185797

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1477
date: Wed, 26 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 09:29:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
38 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58e2626c7a2cecb56356ffa6bdc7076c0bacdd58f919929262f30cf2e0ce2442

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39231
x-xss-protection: 0
last-modified: Wed, 26 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 07:54:33 GMT

GET
H2 200 sprite.svg
emilyslist.org/assets/images/static/ 107 KB
108 KB 171ms
170ms Image
image/svg+xml 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emilyslist.org/assets/images/static/sprite.svg

Requested by

Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/css/ea-lp-styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-18.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

400ca615d64758a3d41ae7fd9894eab9ccf58bc53954902d11627805baf1a14c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://nvlupin.blob.core.windows.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 14:52:17 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
etag: "1ad57-5c24b63d82a40"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/svg+xml
date: Wed, 26 May 2021 07:54:33 GMT
accept-ranges: bytes
content-length: 109911
x-amz-cf-id: 6AFqJDQYO-nLXdKfIpLRlC2PiVNsdcf3_LSguR8zdf3uov_Y2cWaBw==

GET
H2 200 sprite-footer.svg
emilyslist.org/assets/images/static/ 2 KB
2 KB 508ms
507ms Image
image/svg+xml 143.204.98.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://emilyslist.org/assets/images/static/sprite-footer.svg

Requested by

Host: nvlupin.blob.core.windows.net
URL: https://nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/css/ea-lp-styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.18 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-18.fra50.r.cloudfront.net

Software

Apache /

Resource Hash

baabd45776063be9a10446356ce4def2f1a157f7337d2e976bae0f9a30cb2a76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN, SAMEORIGIN

Request headers

Referer: https://nvlupin.blob.core.windows.net/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: frame-ancestors 'self';
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
last-modified: Fri, 14 May 2021 14:52:17 GMT
server: Apache
x-amz-cf-pop: FRA50-C1
etag: "616-5c24b63d82a40"
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cache: Miss from cloudfront
content-type: image/svg+xml
date: Wed, 26 May 2021 07:54:33 GMT
accept-ranges: bytes
content-length: 1558
x-amz-cf-id: BpuvWK-lVKW61EGNiLBXapugFiqqd1-9BVtuiBin-Br47Zj02SQVHQ==

GET
H2 200 3460519c-f3c3-4c31-9137-9b48e70aaf0a.woff2
fast.fonts.net/dv2/ot/14/ 55 KB
56 KB 490ms
472ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/ot/14/3460519c-f3c3-4c31-9137-9b48e70aaf0a.woff2?d44f19a684109620e484167eae90e81887da62a49a710a81599a3c42d7777e7bf85c9eaae17de5acc70bbfd66cd7a91f83a4a31d5aeca1abc550cc037e097d121b52064209d86e62745ebb63cc8e123d001ccc3555ebde58125f44274e6e4da357831c04c3cad9fd6ab8a00676b1b23d197456aaa2677f9ceedb6a80c356629014dbea870a9159917237cb5bfaab9eb735895e8a3b4ac63813c3627e9c3695b8746720885655d804337febd4573a68c4a68f9ad8a7f36eec9e2b9c2fb9617574d61856cbb4b9696e15140adc4c751c8bf76ff2858a289a671fb547831f42ee0e817d5cdc07ef3591bf01f7c3c6567786ea5c818a3dc778ee7bfb29ce912ec491f1886157b740dfe3e81c0c7ed335a5f7b4f899aa2ef4d1&projectId=f47d9bb0-4b16-4bd8-bf76-4d42c856a86a
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 299a23b9b93a60e526f608e6e4d2ddb2a2529d5c5e1ff7d23b35e873c154c82a

Request headers

Origin: https://win.emilyslist.org
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:34 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: 9J3AKB1KH930K7W7
content-length: 56420
x-amz-id-2: 5d38Qy5Ybf2RSp/+8H+dOujYlbqtlg7WD7EpR8EtohJgyzyngCzwq3NpzvcGX/pfxXGGTGhdlJ4=
expires: Wed, 26 May 2021 11:54:34 GMT
last-modified: Fri, 13 Nov 2020 00:24:43 GMT
server: cloudflare
etag: "c7a6d4fbe3b842f796471868a480f608"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
cf-request-id: 0a49441cfc00004ab0881db000000001
accept-ranges: bytes
cf-ray: 65556fa7fbff4ab0-FRA
x-amz-meta-mtime: 1418557037

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 117 KB
38 KB 30ms
9ms Script
text/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F5B) /
Resource Hash: 0d55b5a0b62ac37b9814618b760df58e9801d4d1048f060fe12d5755c71dcaea

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: Z4tenUsAsnr+D5Jsa/xVZw==
age: 1290
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.6.2.min.js
content-length: 38131
x-ms-lease-status: unlocked
last-modified: Tue, 27 Apr 2021 17:57:41 GMT
server: ECAcc (frc/8F5B)
x-ms-meta-aijssdkver: 2.6.2
etag: 0x8D909A5F3A75E81
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 851de507-201e-0030-1901-5256ba000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable
x-ms-version: 2009-09-19
expires: Wed, 26 May 2021 08:24:33 GMT

GET
H2 200 _Incapsula_Resource
win.emilyslist.org/ 1 B
495 B 69ms
68ms Image
text/plain 99.86.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win.emilyslist.org/_Incapsula_Resource?SWKMTFSR=1&e=0.6284344735169154
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.2.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-2-60.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.6284344735169154
pragma: no-cache
cookie: ___utmvc=xgW4RHzwMpS9CdP7QiScCm4Rr1pkZ37BIEfoZ+UpgKnTTboWInYg2cq+vbWlVloweVvlB4WkYjEmxT68Sb/mDdwBWBN5W4o1+rFQMKi1lXPv+RgKybMvig5HjTqRiGUeiI83p4ysjAhs8h+1odrDFiJ2PKgnwaB9Tdqv/O1Ty1wF0t5CNHRwQI1WHkYo1wNU90tWeLWyjfamt+B8yuTnKaloVnD7JxfL4XctdCKVuz5QB2tHYXvh41e5f8B9h27dYQv7Z7l56CflgUuTB6XDtd7lAHxFDp/Ta9buxe5yMhawAuoOPEDab+3/1wv6FK6AYsiAjop6gT/OsWpjkMonHv1OMJklHzpucRbViAxTtmVLuxTbDRmGyBOXCWCdYxC8KSMAw1I8/O9RtHC/jGasc9lv6xRIvnm6jcVfvcNVJ0ct59Kv7jM3PvT3ZWvNJaNgMMZNGPCFNTCqhha+ObSoxuA1FJGElFt66k+qkgnIlR285dWexiLlTnXqSJ9Guv23Jyrfk84fafxX3Xc6DzxZjJSscKb35+kK/LAOcdo2Nitg15dTDOI7m0VxF11jdH5dyMOQMXx/zrob2nJSIHDMkxE9ecnSbtfh2vw9NwdQisB8rplFPWVW2Re4zQnWK6t4edIXK1lIUVDK5ktatH8bWF4nznkseBKUfoIeFAFVeHtUkDCcE+gut14qPBoHH/aeZs2mYRi3aFseVlFrwG7zp5+uoIKo8YfHluhokimCc6gakfIhq/v9Zp/R3CNiNlPRcv/NLDV2k71Hd9ThdGbxCRkLos9iu033vJe1oOk1QcrSADLUqT8SAYvqyWDKrY7ydzVUiM4fwReRHkHyNRqAHMnYU/eqst8k/TLEZ9u7hIVHiNaJEiQpuBpUN0gxxDZoIoHQsdCm37taXB+DJJum6x7YVaik8yS3OxNe/m91V2QkYYp6nq+sB3zSldP1FJXfYoEYRkgF27t05jNQT2f4IMmvfUgx5RGLdYP5M1UdrXw6HlQVH+OWT2WDYg/4TnXDyt5jvuxEOxpRJohmz00agCoDkBmSqdWZ1OQMqNWghHkzQgT7N9lWcvp4yLX7hq2TfOQ3mtz/ddWJ38+G1qsr8AFaADzS51+KshrLOvHfHEymBKtOsTmUx0euMcdxDA+ofLS8hHPMzCvZwbjyPKAGWlxzA1M/2242yZljgXoSgICDI0N2YaadYyJ/BvF8fNMVs7tEKPz68ZRveiGu5UN3TCREObzIDUEA6sO4JFvBALBthvqz7HK04mszyV0gZI/20fev3fLQ7scPkfSV93qro2Coj/oTuNxC19ldPZZPFE4P6nZiNBIbYROoumzzAYe7JKqRxnQhc+PfU4WOOBCk4NmwNV1F13ntSuO/M0UJoGNq5gbFcqn3oJqz3x3PLMCFXR20r/5ZdkTvUPg4Mt1yFDMvLkGaFS+AzeqL9bdHxjH1SoutYHvIcBdRolnijGQYK2wU1EI2xXEuH6AODXI2e3XCnrpHQGbgC5EEep0ioFvVvVfXjVlAhspsULiZWo3UNegicQyR+1w3G6viTBkWUtklaL2WyUIMN6xikJeKdQo2E2SBx5aQHIjXuBEQMZYKawar3Kh/Na2sZqMIymxbfoxD/eEXGonCMgOQH/vtM4NUu7ifbS6PNxry6Qv9ZDd5XduDX/2qoAaKsGm+zT7bHb/nI3zPhJ7HfLH2JkZhSpY/KsWOL1jqbRU9y/pemgih2OdbLXxfMqlllUnP9M+77bCt8KGX02i54sBHtA398acmlpArAGgY3e4vbwkVO3TZf7opCrjFRC5m4ZJ1r8plJPu0WI63CTcamYKbu8+6UcH8HxkPZ2Y8fsmANPb0hNNkOA+YTdM1ArtSQ4mI2co7vYxVS5AgqEI4oqYnjaB/N07LcLtD2zYJZb9MxCLYaeh/MqjScBnPg/AyNyGhmTyXvdK9OA7xXMK/BAntLWZXle/BaaOpF8E1TwcW/+jOXhamCLnlRj9y7wCq7UF558Ak/uI5d5ycBShrxWEVZGAVzAFlxlvl+PThIoo0vZ4ddXUsZGlnZXN0PSxzPU5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTg==
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: win.emilyslist.org
referer: https://win.emilyslist.org/a/20210525_textb_onnotice
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
content-type: text/plain
cache-control: no-cache, no-store
set-cookie: visid_incap_2302165=JQPlh1QwQxmKyTeCNXnNfrj+rWAAAAAAQUIPAAAAAAByLeEZjVokY68Icp7fNfXc; expires=Wed, 25 May 2022 17:48:28 GMT; HttpOnly; path=/; Domain=.everyaction.com incap_ses_246_2302165=kw/XHJ3+XFh7PZIvBvhpA7j+rWAAAAAA8WwcBzCzL3y8Ef/whauS1g==; path=/; Domain=.everyaction.com
x-robots-tag: noindex
content-length: 1
x-amz-cf-id: vMX5i1Nr186hOCccSWXq37KgY9kmsWq0_6aO8ndoqsmh_TzkgzK2VQ==

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 15ms
14ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-M62C5J&cv=81&v=3&t=t&pid=1496116403&rv=5j0&es=1&e=gtm.js&eid=1&tc=51&tr=1paused.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1cl.1fsl.1fsl.1fsl.6paused.6paused.6paused.6paused.6paused.6paused.6paused.6paused.6paused.5cl.5fsl.5fsl.5fsl&ti=1paused.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1cl.1fsl.1fsl.1fsl.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1paused.1cl.1fsl.1fsl.1fsl&z=0

Requested by

Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 26 May 2021 07:54:33 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
761 B 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:20:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2016
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
expires: Wed, 26 May 2021 08:20:57 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=358963090&t=pageview&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEIRAAAAAC~&jid=1440260091&gjid=140841618&cid=1869200700.1622015674&tid=UA-3105744-1&_gid=860818215.1622015674&_r=1&_slc=1&z=1182547272

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 07:54:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win.emilyslist.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 566ms
476ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

138c6116a8c64ee462dfdaa4fc4cbe388d6939f9676bdf60fe2f7323b3e6a92e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 2-19869221-19869222 2NNN RT(1622015673373 0) q(0 0 0 0) r(5 5)
x-cdn: Imperva
content-type: text/javascript; charset=utf-8
content-length: 190
etag: W/"48-2evqWNwF8lQ/TOPSdcP2VuUkb5g"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
36 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ac78d3ec3c794d18501f3da5d08349a6159d9f13a1acb7525955e3151700ce23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37015
x-xss-protection: 0
last-modified: Wed, 26 May 2021 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 26 May 2021 07:54:33 GMT

GET
H2 200 extra.min.css
d3rse9xjbp8270.cloudfront.net/ 92 KB
16 KB 10ms
10ms Stylesheet
text/css 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 819fb6b2e366061ead7e15a3dc29b6e268adb53fb033ee2e8798675ae476cb16

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 25 May 2021 15:04:02 GMT
content-encoding: gzip
age: 60632
x-cache: Hit from cloudfront
content-length: 15885
access-control-allow-origin: *
last-modified: Tue, 25 May 2021 15:03:54 GMT
server: AmazonS3
etag: "636fc3fd1e0f5e85015a2f529f820c26"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=900, s-maxage=86400, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: WSN04BLiHRn1RtngkajmamNi_6qv9gnq9SfwN_OTnaWv-9NQMNtAFQ==

GET
H/1.1 200
OK 9ZIypFg-EkupFjWmDridXA2 Show response
secure.everyaction.com/v1/Forms/ 20 KB
8 KB 648ms
564ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/9ZIypFg-EkupFjWmDridXA2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

b403a0a0db80e1809df926c4c1a3387f03dd3ac2f20c59b9fe321b2e77b92e44

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-CDN: Imperva
X-Iinfo: 9-17581105-17581107 NNNN CT(104 241 0) RT(1622015673405 40) q(0 0 3 1) r(5 5) U18
Content-Length: 6776
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Frame-Options: SAMEORIGIN
Date: Wed, 26 May 2021 07:54:33 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://win.emilyslist.org
Access-Control-Expose-Headers: Request-Context
Cache-Control: public, max-age=10
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-M62C5J&cv=81&v=3&t=t&pid=1496116403&rv=5j0&es=1&e=gtm.dom&eid=3&tc=51&z=0

Requested by

Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 26 May 2021 07:54:34 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/3Ate0GXd1Wm06gOgre5rgCFj/ 2 B
943 B 573ms
510ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/3Ate0GXd1Wm06gOgre5rgCFj/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:34 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: Express, ASP.NET
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://win.emilyslist.org
x-iinfo: 8-13210536-13210538 NNNN CT(-1 -1 2) RT(1622015673930 0) q(0 0 3 0) r(4 4) U12
access-control-allow-credentials: true
content-length: 123
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 1.css
fast.fonts.net/t/ 0
285 B 19ms
19ms Stylesheet
text/css 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=js&projectid=f47d9bb0-4b16-4bd8-bf76-4d42c856a86a
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:34 GMT
cf-cache-status: HIT
age: 402455
cf-ray: 65556fad0cd14e9e-FRA
content-length: 0
x-amz-id-2: vyvMPhyBGTBLpNoj05il9/p2k36OZUEyfegBNY+I6GIuyc1n3LO+LYmK+AOpIDkPvdAm//9D8eA=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-request-id: 7EA152CK72F6CFW6
cache-control: public, max-age=0, s-maxage=604800
cf-request-id: 0a4944202400004e9e320a1000000001
accept-ranges: bytes
content-type: text/css; charset=utf-8
x-amz-meta-mtime: 1519217722

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
236 B 668ms
667ms XHR
application/json 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

10163790c78b3eb4816880a34f31c3c8fca656e31d321a57719e4e463c8cb0c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
Sdk-Context: appId
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-type: application/json

Response headers

x-ms-session-id: FA949174-A848-48C3-B480-964A3EC52914
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 26 May 2021 07:54:34 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 96

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 214ms
61ms Preflight 13.69.106.212
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.106.212 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://win.emilyslist.org
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Wed, 26 May 2021 07:54:33 GMT
content-length: 0

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 21ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=358963090&t=timing&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utl=v1&utt=668&_u=aGDAAEIRAAAAAC~&jid=2112499677&gjid=847483712&cid=1869200700.1622015674&tid=UA-28243511-22&_gid=860818215.1622015674&_r=1&gtm=2wg5j05L2FSL&z=476170398

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 07:54:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win.emilyslist.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 1478
date: Wed, 26 May 2021 07:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 26 May 2021 09:29:56 GMT

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 560ms
532ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1622015674609=

Requested by

Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

c37d3451dd205c601cf0d6c6a0980c4e92524e53b6b4c8fd3fb8fb8c96db812d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000; includeSubdomains
via: 1.1 vegur
x-content-type-options: nosniff
server: Cowboy
content-encoding: gzip
x-powered-by: Express
vary: Accept-Encoding
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 2-19869322-19869323 NNYN CT(103 210 0) RT(1622015674122 0) q(0 0 3 1) r(5 5) U18
cache-control: max-age=0
date: Wed, 26 May 2021 07:54:35 GMT
etag: W/"ba-/+LO1Y8Rp3oFFHJCSQmf3L0iLlY"
content-type: text/javascript; charset=utf-8
x-cdn: Imperva
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/png

GET
H2 200 glyphicons-regular.woff2
d3rse9xjbp8270.cloudfront.net/assets/fonts/ 94 KB
95 KB 9ms
8ms Font
application/font-woff2 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/fonts/glyphicons-regular.woff2
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

Origin: https://win.emilyslist.org
Referer: https://d3rse9xjbp8270.cloudfront.net/at.min.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 25 May 2021 12:10:58 GMT
via: 1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
age: 71017
x-cache: Hit from cloudfront
content-length: 96388
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "aca35251952e72d9e32d41217f0f97ab"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Uw_BRIrgx1QYMnOAzE5UF0_5hSAgQhd49pgK1QHSaNtH3-VI-A3rDA==

GET
H2 200 ba8a74cc-5f23-46d7-916d-f959de93d730.woff2
fast.fonts.net/dv2/14/ 18 KB
18 KB 452ms
451ms Font
application/octet-stream 2606:4700::6811:e04e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/ba8a74cc-5f23-46d7-916d-f959de93d730.woff2?d44f19a684109620e484167eae90e81887da62a49a710a81599a3c42d7777e7bf85c9eaae17de5acc70bbfd66cd7a91f83a4a31d5aeca1abc550cc037e097d121b52064209d86e62745ebb63cc8e123d001ccc3555ebde58125f44274e6e4da357831c04c3cad9fd6ab8a00676b1b23d197456aaa2677f9ceedb6a80c356629014dbea870a9159917237cb5bfaab9eb735895e8a3b4ac63813c3627e9c3695b8746720885655d804337febd4573a68c4a68f9ad8a7f36eec9e2b9c2fb9617574d61856cbb4b9696e15140adc4c751c8bf76ff2858a289a671fb547831f42ee0e817d5cdc07ef3591bf01f7c3c6567786ea5c818a3dc778ee7bfb29ce912ec491f1886157b740dfe3e81c0c7ed335a5f7b4f899aa2ef4d1&projectId=f47d9bb0-4b16-4bd8-bf76-4d42c856a86a
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:e04e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f36ba717c9d08ccea23ed5af46bcfc49ab10163e980890fbb6b06d5cdf3d287b

Request headers

Origin: https://win.emilyslist.org
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 26 May 2021 07:54:35 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: CHRWYNM34KWZAJR0
content-length: 18076
x-amz-id-2: yS3oVxGCTci4xs7bOKnE1sZ7LIcedlhEuZcjssapx1gO6baC40+fZCp6q878FO3Hflt4QiM2Enk=
expires: Wed, 26 May 2021 11:54:35 GMT
last-modified: Sat, 14 Nov 2020 14:41:43 GMT
server: cloudflare
etag: "79a4c816d37cbf9c64d434af90f9c6e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=14400
cf-request-id: 0a4944210500004ab03ba4e000000001
accept-ranges: bytes
cf-ray: 65556fae6b074ab0-FRA
x-amz-meta-mtime: 1481084704

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=358963090&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Minimal&ev=18&_u=aGDAAEIRAAAAAC~&jid=908390344&gjid=1598131364&cid=1869200700.1622015674&tid=UA-28243511-20&_gid=860818215.1622015674&_r=1&gtm=2wg5j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FTSM%2FTSMEL%2F1%2F87069&cd3=4892638&cd4=1043264&cd5=20210525_textb_OnNotice&cd6=9ZIypFg-EkupFjWmDridXA2&z=477189970

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 26 May 2021 07:54:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win.emilyslist.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
87 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-28243511-20&cid=1869200700.1622015674&jid=796929321&gjid=1667483750&_gid=860818215.1622015674&_u=aGDAgEIRAAAAAG~&z=1381602365

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 07:54:34 GMT
content-type: text/plain
access-control-allow-origin: https://win.emilyslist.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gtmtools.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 5 KB
2 KB 7ms
7ms Script
application/javascript 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/gtmtools.js?v=20201015
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3640790896e1e02b28458ca856ec1009e6c9e5b5d4331333f5d216e70cd9aed2

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 18 May 2021 00:07:13 GMT
content-encoding: gzip
age: 719242
x-cache: Hit from cloudfront
content-length: 1161
access-control-allow-origin: *
last-modified: Thu, 15 Oct 2020 10:14:54 GMT
server: AmazonS3
etag: "b16ec9d34ecd972a365497b12bd66949"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: iNVvndqqEHgDQheCZSJgn-VJ8Y1bDg8RmwVBsrh9PRAmc2hJ80ht_g==

GET
H/1.1 200
OK Landing-Page-Background_Pelosi-Swearing-In.png
nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/sitewide_image_assets/Template%20Images/ 2 MB
2 MB 182ms
181ms Image
image/png 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/sitewide_image_assets/Template%20Images/Landing-Page-Background_Pelosi-Swearing-In.png
Requested by: Host: win.emilyslist.org
URL: https://win.emilyslist.org/a/20210525_textb_onnotice
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: fd85f3f62df6e8da31d6de25d4febcc1dc9eddb481e1e6b42959c8193faee8f6

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 May 2021 07:54:34 GMT
Last-Modified: Mon, 22 Mar 2021 01:25:56 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D8ECD1717A66D6
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 5f62cdf3-c01e-0107-5a04-52a128000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 2068862

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 229 KB
52 KB 9ms
8ms Script
application/javascript 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 15 Apr 2021 00:53:34 GMT
content-encoding: gzip
age: 3567661
x-cache: Hit from cloudfront
content-length: 52457
access-control-allow-origin: *
last-modified: Thu, 03 Oct 2019 17:12:46 GMT
server: AmazonS3
etag: "0e171f16b707862d9a5a9168f0edc967"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: z1LtLwnyr7iCcJqiyFuu1lK52vcEXUtV9rc0RtQSBXFS0QJ_UNdZDQ==

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

GET
H2 200 flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 20 KB
20 KB 9ms
8ms Image
image/png 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Mon, 12 Apr 2021 05:07:13 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 3811642
x-cache: Hit from cloudfront
content-length: 20389
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "4e54a2ee652e9cddbd4ef6f8c46e5390"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: PzC9oHlDwfeenff61wxkJqHm8cGDG-eXhQsOL1QbzZbND1ufXlIGyw==

GET
H2 200 cc.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 3 KB
4 KB 10ms
9ms Image
image/png 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/cc.png
Requested by: Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 06 Feb 2021 04:13:16 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 9430879
x-cache: Hit from cloudfront
content-length: 3392
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: kF92rXTd68-nMqaKgMrT0Dy-tbpAKPh_evCP4G3ABqHI27xYrTTQew==

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=358963090&t=pageview&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEIRAAAAAC~&jid=796929321&gjid=1667483750&cid=1869200700.1622015674&tid=UA-28243511-20&_gid=860818215.1622015674&gtm=2wg5j05L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FTSM%2FTSMEL%2F1%2F87069&cd3=4892638&cd4=1043264&cd5=20210525_textb_OnNotice&cd6=9ZIypFg-EkupFjWmDridXA2&z=1121950479

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=358963090&t=timing&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utl=v1&utt=100&_u=aGDAAEIRAAAAAG~&jid=&gjid=&cid=1869200700.1622015674&tid=UA-28243511-22&_gid=860818215.1622015674&gtm=2wg5j05L2FSL&z=567723542

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK paypal_logo.png
nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/sitewide_image_assets/ 2 KB
2 KB 565ms
145ms Image
image/png 52.239.157.138
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/TSM/TSMEL/1/87069/images/sitewide_image_assets/paypal_logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 580080ec27ea79cc4d38a27d115989aafe4d325e17a35b7547139e05f5b62360

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 26 May 2021 07:54:34 GMT
Last-Modified: Tue, 02 Mar 2021 16:29:55 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D8DD9869CED76D
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: faa2c8b6-a01e-0075-2f04-529643000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 1817

GET
H/1.1 200
OK 9ZIypFg-EkupFjWmDridXA2
secure.everyaction.com/v1/Track/ 0
927 B 153ms
152ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/9ZIypFg-EkupFjWmDridXA2?formSessionId=68704bb4-5eb0-4efd-8618-0311abf003c9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Wed, 26 May 2021 07:54:34 GMT
X-Frame-Options: SAMEORIGIN
X-Iinfo: 9-17581105-17581107 SNNN RT(1622015673405 1009) q(0 0 0 0) r(1 1) U2
Access-Control-Expose-Headers: Request-Context
Cache-Control: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: -1

GET
H2 200 fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/ 9 KB
9 KB 10ms
8ms Image
image/svg+xml 2600:9000:2156:be00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:be00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

date: Tue, 25 May 2021 14:44:30 GMT
via: 1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
age: 61805
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Wed, 08 Jan 2020 18:06:45 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: clyG0chi0n2DQzbTQDL1nlx6P-gbW7H76JU1L8_k9x4DxXzAv1zkKA==

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=358963090&t=timing&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utl=v1&utt=178&_u=aGDAAEIRAAAAAG~&jid=&gjid=&cid=1869200700.1622015674&tid=UA-28243511-22&_gid=860818215.1622015674&gtm=2wg5j05L2FSL&z=1363068654

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=358963090&t=timing&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utl=v1&utt=8&_u=aGDAAEIRAAAAAG~&jid=&gjid=&cid=1869200700.1622015674&tid=UA-28243511-22&_gid=860818215.1622015674&gtm=2wg5j05L2FSL&z=347178964

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=358963090&t=timing&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utl=v1&utt=1037&_u=aGDAAEIRAAAAAG~&jid=&gjid=&cid=1869200700.1622015674&tid=UA-28243511-22&_gid=860818215.1622015674&gtm=2wg5j05L2FSL&z=321975495

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
9ms Image
image/gif 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=358963090&t=timing&_s=1&dl=https%3A%2F%2Fwin.emilyslist.org%2Fa%2F20210525_textb_onnotice&ul=en-us&de=UTF-8&dt=EMILY%27s%20List%3A%20Support%20Democratic%20Pro-Choice%20Women&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=1110&_u=aGDAAEIRAAAAAG~&jid=&gjid=&cid=1869200700.1622015674&tid=UA-28243511-22&_gid=860818215.1622015674&gtm=2wg5j05L2FSL&z=1545834112

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Tue, 25 May 2021 10:16:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77897
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 35ms
16ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-28243511-20&cid=1869200700.1622015674&jid=908390344&gjid=1598131364&_gid=860818215.1622015674&_u=aGDAAEIRAAAAAC~&z=1142725210

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 26 May 2021 07:54:34 GMT
content-type: text/plain
access-control-allow-origin: https://win.emilyslist.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame 2974 364 B
910 B 188ms
58ms Document
text/html 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2603839101296200591&formId=randomId26025790307237330357&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Date: Tue, 25 May 2021 17:59:07 GMT
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 2xey1kFnhJr2Ed9Vhfs2-mVMTDgXgmeZgqqX9Oi5Xaw8-ncsFdZrDg==
Age: 50129

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame DC80 364 B
910 B 189ms
57ms Document
text/html 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2609771601123606493&formId=randomId26025790307237330357&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077

Request headers

Host: js.verygoodvault.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice

Response headers

Content-Type: text/html
Content-Length: 364
Connection: keep-alive
Date: Tue, 25 May 2021 17:59:07 GMT
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
ETag: "9ccd2ada3eb09f1091deab9e7f29cd73"
x-amz-version-id: Y32ydhKm.okR8ywruNeZz3X7lZoLPNyq
Accept-Ranges: bytes
Server: AmazonS3
Access-Control-Allow-Origin: *
X-Cache: Hit from cloudfront
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: mwEuvTpgl_xnlq61uahG6LLNz6Ne2E3Tlii-89qSEFud8XWJd-v2CA==
Age: 50129

GET
H/1.1 204
No Content 3Ate0GXd1Wm06gOgre5rgCFj Show response
secure.everyaction.com/Databag/Profile/ 0
1 KB 220ms
165ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/3Ate0GXd1Wm06gOgre5rgCFj

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-CDN: Imperva
Date: Wed, 26 May 2021 07:54:34 GMT
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Origin: https://win.emilyslist.org
X-Iinfo: 9-17581105-17581107 SNNN RT(1622015673405 1161) q(0 0 0 0) r(2 2) U11
Access-Control-Expose-Headers: Request-Context
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 3Ate0GXd1Wm06gOgre5rgCFj Show response
secure.ngpvan.com/Databag/Profile/ 0
890 B 533ms
521ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/3Ate0GXd1Wm06gOgre5rgCFj

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-cdn: Imperva
date: Wed, 26 May 2021 07:54:34 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://win.emilyslist.org
x-iinfo: 2-19869339-19869340 NNNN CT(105 230 0) RT(1622015674550 0) q(0 0 3 1) r(5 5) U11
access-control-expose-headers: Request-Context
cache-control: private
access-control-allow-credentials: true
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 204 3Ate0GXd1Wm06gOgre5rgCFj Show response
win.emilyslist.org/Databag/Profile/ 0
1 KB 265ms
264ms XHR
text/plain 99.86.2.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://win.emilyslist.org/Databag/Profile/3Ate0GXd1Wm06gOgre5rgCFj

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.2.60 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-2-60.fra6.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
cookie: ___utmvc=xgW4RHzwMpS9CdP7QiScCm4Rr1pkZ37BIEfoZ+UpgKnTTboWInYg2cq+vbWlVloweVvlB4WkYjEmxT68Sb/mDdwBWBN5W4o1+rFQMKi1lXPv+RgKybMvig5HjTqRiGUeiI83p4ysjAhs8h+1odrDFiJ2PKgnwaB9Tdqv/O1Ty1wF0t5CNHRwQI1WHkYo1wNU90tWeLWyjfamt+B8yuTnKaloVnD7JxfL4XctdCKVuz5QB2tHYXvh41e5f8B9h27dYQv7Z7l56CflgUuTB6XDtd7lAHxFDp/Ta9buxe5yMhawAuoOPEDab+3/1wv6FK6AYsiAjop6gT/OsWpjkMonHv1OMJklHzpucRbViAxTtmVLuxTbDRmGyBOXCWCdYxC8KSMAw1I8/O9RtHC/jGasc9lv6xRIvnm6jcVfvcNVJ0ct59Kv7jM3PvT3ZWvNJaNgMMZNGPCFNTCqhha+ObSoxuA1FJGElFt66k+qkgnIlR285dWexiLlTnXqSJ9Guv23Jyrfk84fafxX3Xc6DzxZjJSscKb35+kK/LAOcdo2Nitg15dTDOI7m0VxF11jdH5dyMOQMXx/zrob2nJSIHDMkxE9ecnSbtfh2vw9NwdQisB8rplFPWVW2Re4zQnWK6t4edIXK1lIUVDK5ktatH8bWF4nznkseBKUfoIeFAFVeHtUkDCcE+gut14qPBoHH/aeZs2mYRi3aFseVlFrwG7zp5+uoIKo8YfHluhokimCc6gakfIhq/v9Zp/R3CNiNlPRcv/NLDV2k71Hd9ThdGbxCRkLos9iu033vJe1oOk1QcrSADLUqT8SAYvqyWDKrY7ydzVUiM4fwReRHkHyNRqAHMnYU/eqst8k/TLEZ9u7hIVHiNaJEiQpuBpUN0gxxDZoIoHQsdCm37taXB+DJJum6x7YVaik8yS3OxNe/m91V2QkYYp6nq+sB3zSldP1FJXfYoEYRkgF27t05jNQT2f4IMmvfUgx5RGLdYP5M1UdrXw6HlQVH+OWT2WDYg/4TnXDyt5jvuxEOxpRJohmz00agCoDkBmSqdWZ1OQMqNWghHkzQgT7N9lWcvp4yLX7hq2TfOQ3mtz/ddWJ38+G1qsr8AFaADzS51+KshrLOvHfHEymBKtOsTmUx0euMcdxDA+ofLS8hHPMzCvZwbjyPKAGWlxzA1M/2242yZljgXoSgICDI0N2YaadYyJ/BvF8fNMVs7tEKPz68ZRveiGu5UN3TCREObzIDUEA6sO4JFvBALBthvqz7HK04mszyV0gZI/20fev3fLQ7scPkfSV93qro2Coj/oTuNxC19ldPZZPFE4P6nZiNBIbYROoumzzAYe7JKqRxnQhc+PfU4WOOBCk4NmwNV1F13ntSuO/M0UJoGNq5gbFcqn3oJqz3x3PLMCFXR20r/5ZdkTvUPg4Mt1yFDMvLkGaFS+AzeqL9bdHxjH1SoutYHvIcBdRolnijGQYK2wU1EI2xXEuH6AODXI2e3XCnrpHQGbgC5EEep0ioFvVvVfXjVlAhspsULiZWo3UNegicQyR+1w3G6viTBkWUtklaL2WyUIMN6xikJeKdQo2E2SBx5aQHIjXuBEQMZYKawar3Kh/Na2sZqMIymxbfoxD/eEXGonCMgOQH/vtM4NUu7ifbS6PNxry6Qv9ZDd5XduDX/2qoAaKsGm+zT7bHb/nI3zPhJ7HfLH2JkZhSpY/KsWOL1jqbRU9y/pemgih2OdbLXxfMqlllUnP9M+77bCt8KGX02i54sBHtA398acmlpArAGgY3e4vbwkVO3TZf7opCrjFRC5m4ZJ1r8plJPu0WI63CTcamYKbu8+6UcH8HxkPZ2Y8fsmANPb0hNNkOA+YTdM1ArtSQ4mI2co7vYxVS5AgqEI4oqYnjaB/N07LcLtD2zYJZb9MxCLYaeh/MqjScBnPg/AyNyGhmTyXvdK9OA7xXMK/BAntLWZXle/BaaOpF8E1TwcW/+jOXhamCLnlRj9y7wCq7UF558Ak/uI5d5ycBShrxWEVZGAVzAFlxlvl+PThIoo0vZ4ddXUsZGlnZXN0PSxzPU5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTg==; _ga=GA1.2.1869200700.1622015674; _gid=GA1.2.860818215.1622015674; _gat=1; ai_user=YakzaibVwLeIEBX+XdsH5H|2021-05-26T07:54:33.870Z; ai_session=3S21LZUR4PuSh+hOPA4yv1|1622015673962|1622015673962; _gat_UA-28243511-22=1; _gat_UA-28243511-20=1; _dc_gtm_UA-28243511-20=1
request-id: |1f73d6512d804518901d1f1a8bc00ffb.ea1ca4803d28451c
:path: /Databag/Profile/3Ate0GXd1Wm06gOgre5rgCFj
pragma: no-cache
traceparent: 00-1f73d6512d804518901d1f1a8bc00ffb-ea1ca4803d28451c-01
user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
accept: */*
cache-control: no-cache
:authority: win.emilyslist.org
referer: https://win.emilyslist.org/a/20210525_textb_onnotice
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept: */*
Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
traceparent: 00-1f73d6512d804518901d1f1a8bc00ffb-ea1ca4803d28451c-01
Request-Id: |1f73d6512d804518901d1f1a8bc00ffb.ea1ca4803d28451c
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=31536000
via: 1.1 04599a8a3c6eb66f23e5ae02d1ec4cf2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-cdn: Imperva
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-iinfo: 14-99629329-99523010 pNNN RT(1622015672250 1863) q(0 0 0 1) r(2 2) U11
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
date: Wed, 26 May 2021 07:54:34 GMT
x-frame-options: SAMEORIGIN
access-control-allow-origin: *
access-control-expose-headers: Request-Context
cache-control: private
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
set-cookie: TiPMix=27.9119717552848; path=/; HttpOnly; Domain=edge-secure.everyaction.com; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=edge-secure.everyaction.com; Max-Age=3600; Secure ProfileDatabagId=3Ate0GXd1Wm06gOgre5rgCFj; domain=win.emilyslist.org; expires=Mon, 26-May-2031 07:54:35 GMT; path=/; Secure; SameSite=None nlbi_2302165=ZD6qL7jKJVFws8CNqNOdBgAAAAA7AO1j0VyEWdwUVKpHShIv; path=/; Domain=.everyaction.com visid_incap_2302165=JQPlh1QwQxmKyTeCNXnNfrj+rWAAAAAAQUIPAAAAAAByLeEZjVokY68Icp7fNfXc; expires=Wed, 25 May 2022 17:48:29 GMT; HttpOnly; path=/; Domain=.everyaction.com incap_ses_246_2302165=eOHDDyvuml57PZIvBvhpA7r+rWAAAAAASNc1Zy5QpPTOb7rB49cuSQ==; path=/; Domain=.everyaction.com
x-amz-cf-id: _6CkNEav2XN315NhWc6lJZZfalBkOJCX5HUq5lrTDErVfSlzJq8EcQ==

GET
H3-29 204 a
www.googletagmanager.com/ 0
17 B 14ms
14ms Image
image/gif 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-M62C5J&cv=81&v=3&t=t&pid=1496116403&rv=5j0&es=1&e=*&eid=24&u=C&tc=51&z=0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://win.emilyslist.org/a/20210525_textb_onnotice
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Wed, 26 May 2021 07:54:35 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.css
js.verygoodvault.com/vgs-collect/1/lib/ Frame 2974 74 KB
30 KB 70ms
70ms Stylesheet
text/css 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.css
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2603839101296200591&formId=randomId26025790307237330357&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2603839101296200591&formId=randomId26025790307237330357&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: cCbufO_ebum5aJCKWyZMP79Y8Ljox1pp
Content-Encoding: gzip
ETag: W/"82263942809c4598900333534c8d15f9"
Age: 69006
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Tue, 25 May 2021 20:27:40 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: JWChOEXDXkgZpI03h24kuLg3Do8Mgh3bWBqFN1SHiLs6caf6qRprVw==

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.js Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame 2974 285 KB
89 KB 69ms
69ms Script
application/javascript 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2603839101296200591&formId=randomId26025790307237330357&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-number&env=bGl2ZQ%3D%3D&fieldId=randomId2603839101296200591&formId=randomId26025790307237330357&name=Account&placeholder=%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2%20%E2%80%A2%E2%80%A2%E2%80%A2%E2%80%A2&tnt=dG50dzFwem5sYW0%3D&type=card-number&validations=validCardNumber&validations=required
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: u5eKO1e1oOiq8Z45mqgA.YXfbeZi8_AD
Content-Encoding: gzip
ETag: W/"cc5465b1fe8ef0d6a02482a43c893d62"
Age: 51905
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Tue, 25 May 2021 17:29:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 1NZNNuwEuvVzGuLKjReT2NWWXKuqMMcMYn7sFAmIBhffLmcp9nH5xg==

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.css
js.verygoodvault.com/vgs-collect/1/lib/ Frame DC80 74 KB
30 KB 157ms
62ms Stylesheet
text/css 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.css
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2609771601123606493&formId=randomId26025790307237330357&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2609771601123606493&formId=randomId26025790307237330357&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: cCbufO_ebum5aJCKWyZMP79Y8Ljox1pp
Content-Encoding: gzip
ETag: W/"82263942809c4598900333534c8d15f9"
Age: 69006
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Tue, 25 May 2021 20:27:40 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 3Og2LpKeutZO7UUzVI_2yva_R0UUDbkJ6UwTz8-jj1cnB0ZwJPv7IQ==

GET
H/1.1 200
OK application.79e1c4bdbd2f9f27a4a3.js Show response
js.verygoodvault.com/vgs-collect/1/lib/ Frame DC80 285 KB
89 KB 189ms
69ms Script
application/javascript 143.204.98.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2609771601123606493&formId=randomId26025790307237330357&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-2.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/1/lib/index.html?autoComplete=cc-exp&env=bGl2ZQ%3D%3D&fieldId=randomId2609771601123606493&formId=randomId26025790307237330357&name=ExpirationDate&placeholder=MM%20%2F%20YY&serializers=W3sibmFtZSI6InNlcGFyYXRlIiwib3B0aW9ucyI6eyJtb250aE5hbWUiOiJFeHBpcmF0aW9uTW9udGgiLCJ5ZWFyTmFtZSI6IkV4cGlyYXRpb25ZZWFyIn19XQ%3D%3D&tnt=dG50dzFwem5sYW0%3D&type=card-expiration-date&validations=validCardExpirationDate&validations=required
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: u5eKO1e1oOiq8Z45mqgA.YXfbeZi8_AD
Content-Encoding: gzip
ETag: W/"cc5465b1fe8ef0d6a02482a43c893d62"
Age: 51905
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Fri, 13 Dec 2019 10:04:14 GMT
Server: AmazonS3
Date: Tue, 25 May 2021 17:29:31 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: lotO_d7LZv0o2ojAn-tng9qh-gzsYAbkcWylS_lHJmN9CCZZupksRA==

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 2974 0
156 B 423ms
137ms XHR
text/plain 54.157.254.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.254.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-254-222.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Wed, 26 May 2021 07:54:36 GMT
vary: Origin
x-powered-by: Express
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame DC80 0
157 B 314ms
137ms XHR
text/plain 54.157.254.222
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://vgs-collect-keeper.apps.verygood.systems/vgs

Requested by

Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/1/lib/application.79e1c4bdbd2f9f27a4a3.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.157.254.222 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-157-254-222.compute-1.amazonaws.com

Software

/ Express

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Wed, 26 May 2021 07:54:36 GMT
vary: Origin
x-powered-by: Express
content-length: 0
strict-transport-security: max-age=15724800; includeSubDomains

GET
DATA 200
OK truncated
/ Frame 2974 11 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9ed23dcca982de6dc35daa8032fd829dae79d632c113b41538d3e3293138132

Request headers

Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_5 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/83.0.4103.88 Mobile/15E148 Safari/604.1

Response headers

Content-Type: image/svg+xml

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
win.emilyslist.org/	1970-01-19 18:33:37	Name: ai_session Value: 3S21LZUR4PuSh+hOPA4yv1\|1622015673962\|1622015673962
win.emilyslist.org/	1970-01-19 18:33:35	Name: ___utmvc Value: xgW4RHzwMpS9CdP7QiScCm4Rr1pkZ37BIEfoZ+UpgKnTTboWInYg2cq+vbWlVloweVvlB4WkYjEmxT68Sb/mDdwBWBN5W4o1+rFQMKi1lXPv+RgKybMvig5HjTqRiGUeiI83p4ysjAhs8h+1odrDFiJ2PKgnwaB9Tdqv/O1Ty1wF0t5CNHRwQI1WHkYo1wNU90tWeLWyjfamt+B8yuTnKaloVnD7JxfL4XctdCKVuz5QB2tHYXvh41e5f8B9h27dYQv7Z7l56CflgUuTB6XDtd7lAHxFDp/Ta9buxe5yMhawAuoOPEDab+3/1wv6FK6AYsiAjop6gT/OsWpjkMonHv1OMJklHzpucRbViAxTtmVLuxTbDRmGyBOXCWCdYxC8KSMAw1I8/O9RtHC/jGasc9lv6xRIvnm6jcVfvcNVJ0ct59Kv7jM3PvT3ZWvNJaNgMMZNGPCFNTCqhha+ObSoxuA1FJGElFt66k+qkgnIlR285dWexiLlTnXqSJ9Guv23Jyrfk84fafxX3Xc6DzxZjJSscKb35+kK/LAOcdo2Nitg15dTDOI7m0VxF11jdH5dyMOQMXx/zrob2nJSIHDMkxE9ecnSbtfh2vw9NwdQisB8rplFPWVW2Re4zQnWK6t4edIXK1lIUVDK5ktatH8bWF4nznkseBKUfoIeFAFVeHtUkDCcE+gut14qPBoHH/aeZs2mYRi3aFseVlFrwG7zp5+uoIKo8YfHluhokimCc6gakfIhq/v9Zp/R3CNiNlPRcv/NLDV2k71Hd9ThdGbxCRkLos9iu033vJe1oOk1QcrSADLUqT8SAYvqyWDKrY7ydzVUiM4fwReRHkHyNRqAHMnYU/eqst8k/TLEZ9u7hIVHiNaJEiQpuBpUN0gxxDZoIoHQsdCm37taXB+DJJum6x7YVaik8yS3OxNe/m91V2QkYYp6nq+sB3zSldP1FJXfYoEYRkgF27t05jNQT2f4IMmvfUgx5RGLdYP5M1UdrXw6HlQVH+OWT2WDYg/4TnXDyt5jvuxEOxpRJohmz00agCoDkBmSqdWZ1OQMqNWghHkzQgT7N9lWcvp4yLX7hq2TfOQ3mtz/ddWJ38+G1qsr8AFaADzS51+KshrLOvHfHEymBKtOsTmUx0euMcdxDA+ofLS8hHPMzCvZwbjyPKAGWlxzA1M/2242yZljgXoSgICDI0N2YaadYyJ/BvF8fNMVs7tEKPz68ZRveiGu5UN3TCREObzIDUEA6sO4JFvBALBthvqz7HK04mszyV0gZI/20fev3fLQ7scPkfSV93qro2Coj/oTuNxC19ldPZZPFE4P6nZiNBIbYROoumzzAYe7JKqRxnQhc+PfU4WOOBCk4NmwNV1F13ntSuO/M0UJoGNq5gbFcqn3oJqz3x3PLMCFXR20r/5ZdkTvUPg4Mt1yFDMvLkGaFS+AzeqL9bdHxjH1SoutYHvIcBdRolnijGQYK2wU1EI2xXEuH6AODXI2e3XCnrpHQGbgC5EEep0ioFvVvVfXjVlAhspsULiZWo3UNegicQyR+1w3G6viTBkWUtklaL2WyUIMN6xikJeKdQo2E2SBx5aQHIjXuBEQMZYKawar3Kh/Na2sZqMIymxbfoxD/eEXGonCMgOQH/vtM4NUu7ifbS6PNxry6Qv9ZDd5XduDX/2qoAaKsGm+zT7bHb/nI3zPhJ7HfLH2JkZhSpY/KsWOL1jqbRU9y/pemgih2OdbLXxfMqlllUnP9M+77bCt8KGX02i54sBHtA398acmlpArAGgY3e4vbwkVO3TZf7opCrjFRC5m4ZJ1r8plJPu0WI63CTcamYKbu8+6UcH8HxkPZ2Y8fsmANPb0hNNkOA+YTdM1ArtSQ4mI2co7vYxVS5AgqEI4oqYnjaB/N07LcLtD2zYJZb9MxCLYaeh/MqjScBnPg/AyNyGhmTyXvdK9OA7xXMK/BAntLWZXle/BaaOpF8E1TwcW/+jOXhamCLnlRj9y7wCq7UF558Ak/uI5d5ycBShrxWEVZGAVzAFlxlvl+PThIoo0vZ4ddXUsZGlnZXN0PSxzPU5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTk5hTg==
.emilyslist.org/	1970-01-19 18:33:35	Name: _gat Value: 1
win.emilyslist.org/	1970-01-20 03:19:11	Name: ai_user Value: YakzaibVwLeIEBX+XdsH5H\|2021-05-26T07:54:33.870Z
.emilyslist.org/	1970-01-19 18:35:02	Name: _gid Value: GA1.2.860818215.1622015674
.emilyslist.org/	1970-01-20 12:04:47	Name: _ga Value: GA1.2.1869200700.1622015674

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Downloading (v1): 667.70703125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Processing (v1): 100.4111328125 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Render (v1): 178.244140625 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Fill (v1): 8.22900390625 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Form (v1): 1037.01318359375 ms
console-api	debug	URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7) Message: Total: 1110.333984375 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

az416426.vo.msecnd.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
emilysli.st
emilyslist.org
fast.fonts.net
fastaction.ngpvan.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
p.alocdn.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
stats.g.doubleclick.net
vgs-collect-keeper.apps.verygood.systems
win.emilyslist.org
www.google-analytics.com
www.googletagmanager.com
13.69.106.212
143.204.202.73
143.204.98.18
143.204.98.2
2600:9000:2156:be00:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6811:e04e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2008
2a00:1450:400c:c04::9c
2a00:1450:400c:c08::9d
44.236.75.251
45.60.33.183
52.239.157.138
54.157.254.222
99.86.2.60
0d55b5a0b62ac37b9814618b760df58e9801d4d1048f060fe12d5755c71dcaea
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
0f78104ad0aee78370223f1cb4a1d60b5abdc42193183c1dbe90d48edc5f787a
10163790c78b3eb4816880a34f31c3c8fca656e31d321a57719e4e463c8cb0c0
138c6116a8c64ee462dfdaa4fc4cbe388d6939f9676bdf60fe2f7323b3e6a92e
15a2e567e0cd332fe8db4a82333fd854727e9c959beaeda54ece12aa07719353
17b50dc12f68ab2a03ca9f97c6ce481c1252780a1a075416fbd0d7759da5d1ad
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1eab213116a939568cf62f694878a9b532a065ff2bfbabd65b4537d5b9a5b385
27e7fd5d7e731d070e772e6c36e0637065b639fe1657332820e94f7382094ad6
299a23b9b93a60e526f608e6e4d2ddb2a2529d5c5e1ff7d23b35e873c154c82a
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
311c29c826afcd2099f906a06381f46ffde6c0159a1f7cc20e37a2584f2a7e7c
3640790896e1e02b28458ca856ec1009e6c9e5b5d4331333f5d216e70cd9aed2
400ca615d64758a3d41ae7fd9894eab9ccf58bc53954902d11627805baf1a14c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47eaed42f703bb0f06ba33a785d63b4fcb7e88eac47cc217a70dc2c7ccefea72
580080ec27ea79cc4d38a27d115989aafe4d325e17a35b7547139e05f5b62360
58e2626c7a2cecb56356ffa6bdc7076c0bacdd58f919929262f30cf2e0ce2442
5b61c92c98d8dbc8a7b3e3f251b5c7d0e3bab93228c929ff9247427c887ac7c1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7f9a923144f0760adcea2115cb915ff5b79302118e6005d8095a6db62cf95339
819fb6b2e366061ead7e15a3dc29b6e268adb53fb033ee2e8798675ae476cb16
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f8835ea74f1cdfc77294c6b9296954273d3156cc2352ecbcbe6c7fa1d2d3873
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
ac78d3ec3c794d18501f3da5d08349a6159d9f13a1acb7525955e3151700ce23
b403a0a0db80e1809df926c4c1a3387f03dd3ac2f20c59b9fe321b2e77b92e44
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
b9ed23dcca982de6dc35daa8032fd829dae79d632c113b41538d3e3293138132
ba90627f68e8ca7922393357f47d6c6fc746a5c7abb08545e5bdfe2331160e81
baabd45776063be9a10446356ce4def2f1a157f7337d2e976bae0f9a30cb2a76
c37d3451dd205c601cf0d6c6a0980c4e92524e53b6b4c8fd3fb8fb8c96db812d
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d80fc8c0cc52b5b894facc0ce5ec6ea3ece6de521244eed51ce28f3c79120077
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36ba717c9d08ccea23ed5af46bcfc49ab10163e980890fbb6b06d5cdf3d287b
f8c0ec387544b738a9776d4759b30a9f499b3515a67c9df54a72fb47f7b6243a
fd85f3f62df6e8da31d6de25d4febcc1dc9eddb481e1e6b42959c8193faee8f6
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

win.emilyslist.org Open in urlscan Pro 99.86.2.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

100 %HTTPS

47 %IPv6

15 Domains

18 Subdomains

17 IPs

4 Countries

3284 kBTransfer

5278 kBSize

6 Cookies

9 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

win.emilyslist.org Open in urlscan Pro
99.86.2.60 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

100 %
HTTPS

47 %
IPv6

15
Domains

18
Subdomains

17
IPs

4
Countries

3284 kB
Transfer

5278 kB
Size

6
Cookies

65 HTTP transactions
3 data transactions