secure.everyaction.com Open in urlscan Pro
45.60.33.183 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Effective URL:
https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Submission: On July 11 via manual (July 11th 2018, 10:47:27 am UTC) from US

Summary HTTP 49 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 49 HTTP transactions. The main IP is 45.60.33.183, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is secure.everyaction.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on January 19th 2017. Valid for: 2 years.

This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 13	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
1	205.185.208.52 205.185.208.52	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
1	173.236.239.249 173.236.239.249	26347 (DREAMHOST-AS) (DREAMHOST-AS - New Dream Network)
3	137.116.3.20 137.116.3.20	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
2	54.230.14.237 54.230.14.237	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	152.199.19.160 152.199.19.160	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST - MCI Communications Services)
1 8	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	40.114.13.25 40.114.13.25	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
5	54.230.14.184 54.230.14.184	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2 2	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER - Twitter Inc.)
1	204.109.13.121 204.109.13.121	22510 (BRAINTREE...) (BRAINTREEPAYMENTSOLUTIONS - Braintree Payment Solutions)
2	52.169.64.244 52.169.64.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	104.108.47.187 104.108.47.187	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
49	17

13 45.60.33.183 (Redwood City, United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)

secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
actions.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.236.239.249 (Brea, United States)

ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US)
PTR: wp447697.dreamhost.com

jewishvoiceforpeace.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.116.3.20 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
PTR: blob.bn1prdstr05a.store.core.windows.net

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.230.14.237 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-14-237.ams1.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.19.160 (Ashburn, United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticxx.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::200e (Ireland) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.114.13.25 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.230.14.184 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-230-14-184.ams1.r.cloudfront.net

d1aqhv4sn5kxtx.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.136 (San Francisco, United States) 2 redirects

ASN13414 (TWITTER - Twitter Inc., US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.109.13.121 (United States)

ASN22510 (BRAINTREEPAYMENTSOLUTIONS - Braintree Payment Solutions, LLC, US)
PTR: api.braintreegateway.com

api.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.169.64.244 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.47.187 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-108-47-187.deploy.static.akamaitechnologies.com

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	everyaction.com 1 redirects secure.everyaction.com actions.everyaction.com	38 KB
8	google-analytics.com 1 redirects www.google-analytics.com	15 KB
7	cloudfront.net d1aqhv4sn5kxtx.cloudfront.net	370 KB
6	twitter.com 2 redirects platform.twitter.com syndication.twitter.com	35 KB
4	ngpvan.com profile.ngpvan.com fastaction.ngpvan.com secure.ngpvan.com	4 KB
3	doubleclick.net stats.g.doubleclick.net	306 B
3	windows.net nvlupin.blob.core.windows.net	2 MB
2	visualstudio.com dc.services.visualstudio.com	930 B
2	googletagmanager.com www.googletagmanager.com	44 KB
1	paypal.com checkout.paypal.com	13 KB
1	braintreegateway.com api.braintreegateway.com	1 KB
1	facebook.com staticxx.facebook.com
1	facebook.net connect.facebook.net	65 KB
1	msecnd.net az416426.vo.msecnd.net	21 KB
1	jewishvoiceforpeace.org jewishvoiceforpeace.org	7 KB
1	jquery.com code.jquery.com	35 KB
49	16

	Domain	Requested by
9	secure.everyaction.com	1 redirects secure.everyaction.com az416426.vo.msecnd.net
8	www.google-analytics.com	1 redirects www.googletagmanager.com secure.everyaction.com
7	d1aqhv4sn5kxtx.cloudfront.net	secure.everyaction.com d1aqhv4sn5kxtx.cloudfront.net www.googletagmanager.com www.google-analytics.com
4	platform.twitter.com	secure.everyaction.com platform.twitter.com
3	stats.g.doubleclick.net	secure.everyaction.com
3	nvlupin.blob.core.windows.net	secure.everyaction.com d1aqhv4sn5kxtx.cloudfront.net
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	actions.everyaction.com	az416426.vo.msecnd.net secure.everyaction.com
2	syndication.twitter.com	2 redirects
2	profile.ngpvan.com	d1aqhv4sn5kxtx.cloudfront.net az416426.vo.msecnd.net
2	www.googletagmanager.com	secure.everyaction.com d1aqhv4sn5kxtx.cloudfront.net
1	checkout.paypal.com
1	api.braintreegateway.com	d1aqhv4sn5kxtx.cloudfront.net
1	secure.ngpvan.com	az416426.vo.msecnd.net
1	fastaction.ngpvan.com	d1aqhv4sn5kxtx.cloudfront.net
1	staticxx.facebook.com	connect.facebook.net
1	connect.facebook.net	secure.everyaction.com
1	az416426.vo.msecnd.net	secure.everyaction.com
1	jewishvoiceforpeace.org	secure.everyaction.com
1	code.jquery.com	secure.everyaction.com
49	20

This site contains links to these domains. Also see Links.

Domain
fastaction.ngpvan.com
jewishvoiceforpeace.org
jvp.org

Subject Issuer	Validity	Valid
*.everyaction.com Go Daddy Secure Certificate Authority - G2	`2017-01-19` - `2019-03-20`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2017-12-15` - `2019-03-22`	a year	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2017-12-02` - `2018-12-05`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Frame ID: F653411F6E9784FF62ED2D05CFFC481D
Requests: 47 HTTP requests in this frame

Frame: https://staticxx.facebook.com/connect/xd_arbiter/r/1e2RywyANNe.js?version=42
Frame ID: 54276CB88C975DA0D688896577CCCB15
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html?origin=https%3A%2F%2Fsecure.everyaction.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: E35C5CF287EB43A2866494D079B8DE0D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: DFFD613EC8752BEF84F1CBE4DE65D1B4
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: A66A1144FEAC7FE8F9A865333A4F1EB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2 HTTP 301
https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2 Page URL

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Backbone.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

env /^Backbone$/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
env /^gaGlobal$/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^google_tag_manager$/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
script /jquery.*\.js/i
env /^jQuery$/i

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

env /^Backbone$/i

Page Statistics

49
Requests

29 %
HTTPS

29 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

3079 kB
Transfer

4371 kB
Size

12
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/your-electronic-communication-rights/
Title: more info

Search URL Search Domain Scan URL

URL: http://jvp.org/paypal
Title: Click here to give if you live outside the US or are having problems donating.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/facebook
Title: Facebook

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/twitter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/giving/approach/#donor-privacy
Title: Read our Donor Privacy & Values.

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://jewishvoiceforpeace.org/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2 HTTP 301
https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

Request Chain 36

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1081491993&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Load&el=Minimal&ev=18&_u=aGHAAEAB~&jid=1605483384&gjid=1615091074&cid=1886520036.1531306035&tid=UA-28243511-20&_gid=985153018.1531306035&_r=1&gtm=G6c5L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000188&cd5=Student%20Skillshare%202018%20Donate&cd6=j-5c8mGE0E22k4qAhXojHQ2&z=1199348221 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1886520036.1531306035&jid=1605483384&_gid=985153018.1531306035&gjid=1615091074&_v=j68&z=1199348221

Request Chain 40

https://syndication.twitter.com/i/jot HTTP 302
https://platform.twitter.com/jot.html

49 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set j-5c8mGE0E22k4qAhXojHQ2 Show response
secure.everyaction.com/
Redirect Chain

http://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

17 KB
7 KB

528ms
499ms

Document
text/html

45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

b4051910f0112afb961fd7c18fd331b8ce4eddc0b411119e443e12cb0fdd7db4

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Host: secure.everyaction.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: F653411F6E9784FF62ED2D05CFFC481D

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
X-Powered-By: ASP.NET
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection: 0
Date: Wed, 11 Jul 2018 10:47:14 GMT
Set-Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; expires=Wed, 10 Jul 2019 11:26:19 GMT; path=/; Domain=.everyaction.com nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; path=/; Domain=.everyaction.com incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; path=/; Domain=.everyaction.com
X-Iinfo: 4-31718747-31718750 NNNN CT(88 180 0) RT(1531306034229 19) q(0 0 3 0) r(5 5) U2
X-CDN: Incapsula
Transfer-Encoding: chunked

Redirect headers

Location: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Content-Length: 0
Connection: close

GET
H/1.1 200
OK jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
35 KB 27ms
6ms Script
application/javascript 205.185.208.52
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Server: 205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip052.ssl.hwcdn.net
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Origin: https://secure.everyaction.com

Response headers

Date: Wed, 11 Jul 2018 10:47:14 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Mar 2017 19:01:15 GMT
Server: nginx
ETag: W/"58d026fb-15283"
Vary: Accept-Encoding
X-HW: 1531306034.dop008.fr8.t,1531306034.cds001.fr8.shn,1531306034.cds001.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 35121

GET
S 200 EA_Callbacks_Embed_Donate.js Show response
jewishvoiceforpeace.org/wp-content/themes/soho-child/ 23 KB
7 KB 396ms
95ms Script
application/javascript 173.236.239.249
New Dream Network

General

Check archive.org

Show headers Download Go to

Full URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: SPDY
Server: 173.236.239.249 Brea, United States, ASN26347 (DREAMHOST-AS - New Dream Network, LLC, US),
Reverse DNS: wp447697.dreamhost.com
Software: Apache /
Resource Hash: b821829de292568bf319e1388531bbf9b1c616115d47b76e7d7c611a90d4b57a

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 11 Jul 2018 10:47:15 GMT
content-encoding: gzip
last-modified: Thu, 08 Mar 2018 01:38:05 GMT
server: Apache
age: 1446
etag: W/"5ba7-566dcba284fae"
x-cacheable: YES
content-type: application/javascript
status: 200
cache-control: max-age=31536000
x-varnish: 472050383 472050006
expires: Thu, 11 Jul 2019 10:23:08 GMT

GET
H/1.1 200
OK script-error Show response
secure.everyaction.com/js/ 228 B
896 B 105ms
104ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/js/script-error?v=GeYv9wZQnND5uIxL5ZRwfSHLeWRBgivVndhzehZsiRA1

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Content-Encoding: gzip
X-CDN: Incapsula
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Iinfo: 4-31718747-31718750 SNNN RT(1531306034229 522) q(0 0 0 -1) r(1 1) U4
Content-Length: 258
X-XSS-Protection: 0
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Last-Modified: Wed, 11 Jul 2018 10:47:14 GMT
Server: Microsoft-IIS/10.0
Date: Wed, 11 Jul 2018 10:47:14 GMT
Vary: User-Agent,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public
Expires: Thu, 11 Jul 2019 10:47:14 GMT

GET
H/1.1 200
OK students%20pal.png
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/ 2 MB
2 MB 504ms
158ms Image
image/png 137.116.3.20
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/students%20pal.png
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Server: 137.116.3.20 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: blob.bn1prdstr05a.store.core.windows.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f3907adc94915b8e45e7136e8be93127bf1de52883d2a84c1893e903664d79a7

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Jul 2018 10:47:15 GMT
Last-Modified: Tue, 05 Jun 2018 16:42:06 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D5CB03461CF45F
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 8dd47b3c-a01e-0073-3d04-193bf8000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 2434928

GET
H/1.1 200
OK jewish-voice-for-peace-signup-header-1.png
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/ 26 KB
26 KB 451ms
104ms Image
image/png 137.116.3.20
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/jewish-voice-for-peace-signup-header-1.png
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Server: 137.116.3.20 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: blob.bn1prdstr05a.store.core.windows.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a09c873c89e8e69a5a39942ba76010fe17c7672090ceaaa5067b0dc2aeb359cb

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Jul 2018 10:47:15 GMT
Last-Modified: Mon, 28 Aug 2017 17:50:44 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D4EE3D4EC60557
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: f64a75d1-801e-0046-3c04-1995ad000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 26226

GET
H/1.1 200
OK at.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 782 KB
226 KB 385ms
12ms Script
application/javascript 54.230.14.237
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Server: 54.230.14.237 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-237.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6446e02cc37f23e9fa477ede4857c3149164bc9df134400a816962c5c2438e23

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Origin: https://secure.everyaction.com

Response headers

Date: Sat, 07 Jul 2018 00:37:14 GMT
Content-Encoding: gzip
Age: 34494
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 230731
Access-Control-Allow-Origin: *
Last-Modified: Fri, 22 Jun 2018 14:24:40 GMT
Server: AmazonS3
ETag: "6941b90d1c427bffb35645f2d1c0d58d"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Via: 1.1 d9552fc5d203b7c80e0dc882434351b8.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Amz-Cf-Id: ZQ7pkmXmyugOFzCbvVodZEDTI47Hk4K9OtkkR6XjkrU--YfZdf04cw==

GET
H/1.1 200
OK base-js.gif
secure.everyaction.com/Content/images/ 35 B
301 B 386ms
385ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/Content/images/base-js.gif
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Iinfo: 4-31718747-31717144 2VNN RT(1531306034229 922) q(0 0 0 -1) r(4 4)
Date: Wed, 11 Jul 2018 10:47:15 GMT
Last-Modified: Fri, 22 Jun 2018 00:30:46 GMT
X-CDN: Incapsula
Etag: "0bfd142c09d41:0"
Content-Length: 35
Content-Type: image/gif

GET
S 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 95 KB
21 KB 27ms
6ms Script
application/x-javascript 152.199.19.160
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: SPDY
Server: 152.199.19.160 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: ad3f9f8e584be3f18ce75a18089e3a7e374933c5666bde1ecc4ce3d095e33f44

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 11 Jul 2018 10:47:15 GMT
content-encoding: gzip
content-md5: 20pRSc5zTKZ0Mcs2OWIdJw==
x-cache: HIT
status: 200
content-length: 21607
x-ms-lease-status: unlocked
last-modified: Wed, 06 Jun 2018 22:11:49 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D5CBFA80254B22
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b9711291-d01e-0110-1e04-199457000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=600
x-ms-version: 2009-09-19

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 68 KB
22 KB 49ms
48ms Script
application/javascript 2a00:1450:4001:812::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:4001:812::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

e2841c63bf45025b5b09d79e6af84cd1718a73852111e4ac1a297596a7669853

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 11 Jul 2018 10:47:15 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 22096
x-xss-protection: 1; mode=block
expires: Wed, 11 Jul 2018 10:47:15 GMT

GET
S 200 sdk.js Show response
connect.facebook.net/en_US/ 214 KB
65 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

fd5a1b79275eabad92ce28cd67b3364002911ae02aed15a64ceb7bc93cb3df1e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: fjz3dwWan1Jg3kbD1Fb8ew==
status: 200
content-length: 65808
x-xss-protection: 0
x-fb-debug: Mr/zSBVpLxflLRDceoQYw3QfW6m0G0TflpzwBt3Jig+GTz1tmSSAh8Vw6BX4plkquFyGoylTG8j0bwjV7wrvoA==
x-fb-content-md5: 9b2f6c150539b351fc676ef23f30d5ce
x-frame-options: DENY
date: Wed, 11 Jul 2018 10:47:15 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "fdce50b4b7718e1a9603579905caa838"
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
timing-allow-origin: *
expires: Wed, 11 Jul 2018 11:04:17 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 119 KB
35 KB 20ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D9) /
Resource Hash: 643ca3bddc30489dbdfa50b9b7c9803877371403531813b9c42fc814de0dd339

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 11 Jul 2018 10:47:15 GMT
Content-Encoding: gzip
Last-Modified: Tue, 10 Jul 2018 21:20:20 GMT
Server: ECS (fcn/40D9)
Etag: "50219a6a461fe892e717dd2ea6b6ebc1+gzip"
Vary: Accept-Encoding
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=1800
Content-Type: application/javascript; charset=utf-8
Content-Length: 35375

GET
S 200 analytics.js Show response
www.google-analytics.com/ 34 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM473M

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 18 May 2018 01:10:24 GMT
server: Golfe2
age: 6143
date: Wed, 11 Jul 2018 09:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 14386
expires: Wed, 11 Jul 2018 11:04:52 GMT

GET
H2 200 1e2RywyANNe.js
staticxx.facebook.com/connect/xd_arbiter/r/ Frame 5427 0
0 9ms
6ms Document
text/html 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://staticxx.facebook.com/connect/xd_arbiter/r/1e2RywyANNe.js?version=42

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' .atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com:* wss://.facebook.com: https://fb.scanandcleanlocal.com:* .atlassolutions.com attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: staticxx.facebook.com
:scheme: https
:path: /connect/xd_arbiter/r/1e2RywyANNe.js?version=42
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
accept-encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: F653411F6E9784FF62ED2D05CFFC481D
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Response headers

status: 200
expires: Wed, 10 Jul 2019 21:10:59 GMT
cache-control: public,max-age=31536000,immutable
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' *.atlassolutions.com blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* *.atlassolutions.com attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
x-xss-protection: 0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
x-fb-debug: ZciKnw2uJqNQIMd35gRfxxjrhktlVstCe72Nk5zBbyqH69w7vNJaxdRmYDCIEhX/KmxK+qeaJQStNC99yZ+SCw==
content-length: 13949
date: Wed, 11 Jul 2018 10:47:15 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
99 B 11ms
8ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1081491993&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=722772926&gjid=1556073298&cid=1886520036.1531306035&tid=UA-62682497-4&_gid=985153018.1531306035&gtm=G6cPM473M&z=642301290

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jul 2018 11:35:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 774702
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 17ms
14ms Image
image/gif 2a00:1450:400c:c0c::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-62682497-4&cid=1886520036.1531306035&jid=722772926&gjid=1556073298&_gid=985153018.1531306035&_u=YGBAgAAB~&z=2109707985

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:400c:c0c::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Jul 2018 10:47:15 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK with-js.gif
secure.everyaction.com/Content/images/ 35 B
299 B 384ms
372ms Image
image/gif 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/Content/images/with-js.gif
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; ai_user=Vrug6|2018-07-11T10:47:15.377Z; _ga=GA1.3.1886520036.1531306035; _gid=GA1.3.985153018.1531306035; _dc_gtm_UA-62682497-4=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Iinfo: 9-41277125-41276198 2VNN RT(1531306035336 6) q(0 0 0 -1) r(4 4)
Date: Wed, 11 Jul 2018 10:47:15 GMT
Last-Modified: Fri, 22 Jun 2018 00:30:46 GMT
X-CDN: Incapsula
Etag: "0bfd142c09d41:0"
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK _Incapsula_Resource Show response
secure.everyaction.com/ 111 KB
16 KB 22ms
10ms Script
application/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1260669476
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash: 3106da5cc23fe93eced7e405dd2b6776a43e8c2e3eb86704b10d7549d40862e2

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; ai_user=Vrug6|2018-07-11T10:47:15.377Z; _ga=GA1.3.1886520036.1531306035; _gid=GA1.3.985153018.1531306035; _dc_gtm_UA-62682497-4=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
Cache-Control: no-cache
Content-Length: 16422
Content-Type: application/javascript

GET
H/1.1 200
OK widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html
platform.twitter.com/widgets/ Frame E35C 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.7a5ca036ea5299f1d2ebb2234731e35e.html?origin=https%3A%2F%2Fsecure.everyaction.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/40D8) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: F653411F6E9784FF62ED2D05CFFC481D
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Response headers

Content-Encoding: gzip
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 11 Jul 2018 10:47:15 GMT
Etag: "6f4bb4155518386526ca164541e6b1ce+gzip"
Last-Modified: Tue, 10 Jul 2018 21:19:35 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/40D8)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5868

GET
H/1.1 200
OK identity Show response
profile.ngpvan.com/ 72 B
850 B 758ms
110ms Script
text/javascript 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

HTTP/1.1

Server

40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

e407eb04623b97bc86dcc51a88f2d1cde78831876c0dde8500b8cbec8f8c3d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 11 Jul 2018 10:47:15 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
Content-Type: text/javascript; charset=utf-8
Content-Length: 192
ETag: W/"48-JqXnk5nSGLFxf6Vmrf+PSNMLE0g"
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
S 200 gtm.js Show response
www.googletagmanager.com/ 68 KB
22 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

SPDY

Server

2a00:1450:4001:812::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

b933f3fe52eaf1df0efe524dd9b5cf455e030a66ee4cffc64b72e7c65eaf261d

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 11 Jul 2018 10:47:15 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 22868
x-xss-protection: 1; mode=block
expires: Wed, 11 Jul 2018 10:47:15 GMT

GET
H/1.1 200
OK at.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 104 KB
20 KB 41ms
13ms Stylesheet
text/css 54.230.14.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Server: 54.230.14.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-184.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 14:25:40 GMT
Content-Encoding: gzip
Age: 70093
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 19440
Access-Control-Allow-Origin: *
Last-Modified: Fri, 22 Jun 2018 14:24:40 GMT
Server: AmazonS3
ETag: "d140ebaaad5fc42ae53e62159671a3c7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Via: 1.1 4f49d21ad994575b3a6262e2408f2087.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Amz-Cf-Id: tDjarCVZLmRS9PQ9POHXf1LT_6QxwYcEXfIOvI-isfWUJBQhubPwEg==

GET
H/1.1 200
OK extra.min.css
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 70 KB
16 KB 42ms
15ms Stylesheet
text/css 54.230.14.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Server: 54.230.14.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-184.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 22 Jun 2018 14:25:41 GMT
Content-Encoding: gzip
Age: 70092
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16027
Access-Control-Allow-Origin: *
Last-Modified: Fri, 22 Jun 2018 14:24:40 GMT
Server: AmazonS3
ETag: "e99016f8945a101c8def9c8e25da6bc8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Via: 1.1 c4031fa00155eb8e412e373cfcb79d42.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Amz-Cf-Id: BaVFZ3Sr8gW7kxtDXqvO2r2-cQ7X4uMChZ-_4fmvbre7f8ZWddosTw==

GET
H/1.1 200
OK _Incapsula_Resource
secure.everyaction.com/ 1 B
90 B 6ms
5ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8919348766622344
Requested by: Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; ai_user=Vrug6|2018-07-11T10:47:15.377Z; _ga=GA1.3.1886520036.1531306035; _gid=GA1.3.985153018.1531306035; _dc_gtm_UA-62682497-4=1; ___utmvc=3K4CPwXhHE/w98wluRx10VzR6cWNq75lsj9LqlxJ2Nkfnv8xCd1rP+Igw22zq2e4YBtxi0YKlBSUmaEx5OetFL1qNzYNdFmWH+CZmjW7CDiHz3f/v33ZtW2iy0f3JIN1h0LHYjZ27BfjvYTxdDxzQhd2aUO1uFVcQ6tG4WvUH2aTFJcHkFFjxXutkH4UfAF0b24K2F0QR2tF2DGvNpxWRlL5fpN0WUuODXPWr4kCK8av+WUxKgMYcL4gmJpXvBiU2eu445faPcNO8ZLqH5t7pxPv6OdCxPRMduRpyrP8roduLV8YdPbk87O5cfVgajmf4cH1EqrctgqX3BHM6QEl19TvRCjhQG6A7ND84mxTFvyduQzVwNDm1MZpfUwzAs3hvUB/uiOWk0oqkxZ3EE6nH/Yeu9JMtTIXt2Rl4irKYkO3vxHWt96x0SNjYOnjkX9rHZO/yGLjXw5MyUQMdp0TM6rfjfQBa4UfNcKbM7mQ9q91laKovszmQBealdc7GxAMvUwiWsFPpsv/ZT7jn15uvbG9Equwcl8t81uTGyvmD3DwKownTaSvef8Z1v/cJL1+Feaq9TeeGqcPuCxcpX9C+ynKpmOrSIT+HUSc15r1vveJ86/XOoSLFeiY9ZL16Cyi6wMOZSx9YMYRIvNwlq/fEHbrP1CiLzeLrrLlKnPjZq+yLcuD67RZ/1F8gUneZuTlLEGqTm01lAb1zQ/vQ7o0nPcJHF6TB4OZPNh3eri1vqiur15W9bnUYsQM8LqR4E44EDmXMyQjD6MGz4p262N+aRRiY9KiEx2jWUc5irWH0ASekxIj2eJ4QZdEGiACxILyJ9+kDW+FYL2SCyExIHc+m0l8VjPP1mtox+F4KztDmwtXZ5RbQ796t8Ng/FIg0thxjcdVbjogGl09igCobWpOmkUaGp0oWAH6/0kgHv4y6FSOUDnp2SzAtpS5VSMBUg9tharzICV/PbjGBv1GQHHIb/WD+/U9lUY32kOsC4F7oSafHZOfz6fGbB+24UwMdv9nc6P2vheMKkicTc4KgFWeP8pCyArRzKlxIOwanqc9u36pES/IwUZV3W3ImueGx1c9Bwl7CSJc7/iNn9Jwv9YZdX0kurInQvjJLEYe4/VRbi43YDETDAM0uVkKzFx6R23FgosARMCbtpHpv0uyY2CuvsVyZvNkFUrQxzUOqre6CycWwdiWuRyN09BRHqoUzujQcS4ib16xIZTzjyxkaWdlc3Q9OTAyODMscz04NGE0OWJhNzhiYTM3ZDg5YTlhYjcxODk3ZDdlODBhNDViYTdhYTlhOWY5ZDY2ODI2MjZiN2U5NzZjOWZhYzcxODE2ZTg5ODY4NzczNzU3MA==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: no-cache
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK Cookie set j-5c8mGE0E22k4qAhXojHQ2 Show response
secure.everyaction.com/v1/Forms/ 31 KB
11 KB 181ms
180ms XHR
application/json 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/j-5c8mGE0E22k4qAhXojHQ2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

a1e9c68c4addb750a7d4fa84d0de5cad530212eeb1244e65443f4ff12f1ce6ce

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; ai_user=Vrug6|2018-07-11T10:47:15.377Z; _ga=GA1.3.1886520036.1531306035; _gid=GA1.3.985153018.1531306035; _dc_gtm_UA-62682497-4=1; ___utmvc=3K4CPwXhHE/w98wluRx10VzR6cWNq75lsj9LqlxJ2Nkfnv8xCd1rP+Igw22zq2e4YBtxi0YKlBSUmaEx5OetFL1qNzYNdFmWH+CZmjW7CDiHz3f/v33ZtW2iy0f3JIN1h0LHYjZ27BfjvYTxdDxzQhd2aUO1uFVcQ6tG4WvUH2aTFJcHkFFjxXutkH4UfAF0b24K2F0QR2tF2DGvNpxWRlL5fpN0WUuODXPWr4kCK8av+WUxKgMYcL4gmJpXvBiU2eu445faPcNO8ZLqH5t7pxPv6OdCxPRMduRpyrP8roduLV8YdPbk87O5cfVgajmf4cH1EqrctgqX3BHM6QEl19TvRCjhQG6A7ND84mxTFvyduQzVwNDm1MZpfUwzAs3hvUB/uiOWk0oqkxZ3EE6nH/Yeu9JMtTIXt2Rl4irKYkO3vxHWt96x0SNjYOnjkX9rHZO/yGLjXw5MyUQMdp0TM6rfjfQBa4UfNcKbM7mQ9q91laKovszmQBealdc7GxAMvUwiWsFPpsv/ZT7jn15uvbG9Equwcl8t81uTGyvmD3DwKownTaSvef8Z1v/cJL1+Feaq9TeeGqcPuCxcpX9C+ynKpmOrSIT+HUSc15r1vveJ86/XOoSLFeiY9ZL16Cyi6wMOZSx9YMYRIvNwlq/fEHbrP1CiLzeLrrLlKnPjZq+yLcuD67RZ/1F8gUneZuTlLEGqTm01lAb1zQ/vQ7o0nPcJHF6TB4OZPNh3eri1vqiur15W9bnUYsQM8LqR4E44EDmXMyQjD6MGz4p262N+aRRiY9KiEx2jWUc5irWH0ASekxIj2eJ4QZdEGiACxILyJ9+kDW+FYL2SCyExIHc+m0l8VjPP1mtox+F4KztDmwtXZ5RbQ796t8Ng/FIg0thxjcdVbjogGl09igCobWpOmkUaGp0oWAH6/0kgHv4y6FSOUDnp2SzAtpS5VSMBUg9tharzICV/PbjGBv1GQHHIb/WD+/U9lUY32kOsC4F7oSafHZOfz6fGbB+24UwMdv9nc6P2vheMKkicTc4KgFWeP8pCyArRzKlxIOwanqc9u36pES/IwUZV3W3ImueGx1c9Bwl7CSJc7/iNn9Jwv9YZdX0kurInQvjJLEYe4/VRbi43YDETDAM0uVkKzFx6R23FgosARMCbtpHpv0uyY2CuvsVyZvNkFUrQxzUOqre6CycWwdiWuRyN09BRHqoUzujQcS4ib16xIZTzjyxkaWdlc3Q9OTAyODMscz04NGE0OWJhNzhiYTM3ZDg5YTlhYjcxODk3ZDdlODBhNDViYTdhYTlhOWY5ZDY2ODI2MjZiN2U5NzZjOWZhYzcxODE2ZTg5ODY4NzczNzU3MA==
Connection: keep-alive
Request-Id: |rhUN6.hEkx/
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
X-Requested-With: XMLHttpRequest
Request-Id: |rhUN6.hEkx/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Content-Encoding: gzip
ETag: "6f3b9031-5d42-473e-af2e-d3302cfcb8b4"
X-CDN: Incapsula
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Iinfo: 5-40706190-40706209 NNNN CT(0 0 0) RT(1531306035336 102) q(0 0 0 -1) r(2 2) U2
X-XSS-Protection: 0
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Last-Modified: Wed, 11 Jul 2018 10:47:15 GMT
Server: Microsoft-IIS/10.0
Date: Wed, 11 Jul 2018 10:47:15 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache
Set-Cookie: ___utmvc=a; Max-Age=0; path=/; expires=Sun, 08 Jul 2018 11:24:43 GMT
Expires: -1

GET
H/1.1 200
OK sweetspot.js Show response
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 8 KB
9 KB 17ms
17ms Script
application/x-javascript 54.230.14.184
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol: HTTP/1.1
Server: 54.230.14.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-184.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 02 Mar 2018 15:36:20 GMT
Via: 1.1 4f49d21ad994575b3a6262e2408f2087.cloudfront.net (CloudFront)
Age: 34492
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8149
Last-Modified: Wed, 01 Mar 2017 15:31:32 GMT
Server: AmazonS3
ETag: "37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=900, s-maxage=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: x1svPAj1-DVwofAONQzLPBUyBFJWFW-2A7zS-di6xOIeESYDlEqrTQ==

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1081491993&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEAB~&jid=1083986781&gjid=1027137770&cid=1886520036.1531306035&tid=UA-28243511-20&_gid=985153018.1531306035&gtm=G6c5L2FSL&z=1278624855

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jul 2018 11:35:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 774702
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
stats.g.doubleclick.net/r/ 35 B
102 B 17ms
16ms Image
image/gif 2a00:1450:400c:c0c::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j68&tid=UA-28243511-20&cid=1886520036.1531306035&jid=1083986781&gjid=1027137770&_gid=985153018.1531306035&_u=aGDAgEAB~&z=1798221594

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:400c:c0c::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Jul 2018 10:47:15 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame DFFD
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/4191) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: F653411F6E9784FF62ED2D05CFFC481D

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 11 Jul 2018 10:47:15 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 10 Jul 2018 21:20:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4191)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 11 Jul 2018 10:47:15 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 11 Jul 2018 10:47:15 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 9ea02170cd7c76170d5b4f329f412261
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 118
x-transaction: 005d6f8a0065468b
x-tsa-request-body-time: 0
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK identity Show response
fastaction.ngpvan.com/api/v1/ 186 B
1 KB 491ms
452ms Script
text/javascript 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v1/identity?callback=_jqjsp&_1531306035821=

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

HTTP/1.1

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Cowboy / Express

Resource Hash

9edb4c1e912d340feaa267cbe8f7b04734712feb87e46f6c53a494845c233785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubdomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-CDN: Incapsula
X-Powered-By: Express
Transfer-Encoding: chunked
P3p: CP="NOI ADM DEV COM NAV OUR STP"
X-Iinfo: 8-30687902-30687909 NNNN CT(91 194 0) RT(1531306035656 15) q(0 0 3 0) r(5 5) U4
Date: Wed, 11 Jul 2018 10:47:16 GMT
Connection: keep-alive
Content-Encoding: gzip
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=FastAction
Server: Cowboy
Etag: W/"ba-1157951927"
Vary: X-HTTP-Method-Override, Accept-Encoding
Content-Type: text/javascript; charset=utf-8

GET
H/1.1 200
OK glyphicons-regular.woff2
d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/ 94 KB
95 KB 13ms
13ms Font
binary/octet-stream 54.230.14.237
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/fonts/glyphicons-regular.woff2
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 54.230.14.237 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-237.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
Origin: https://secure.everyaction.com

Response headers

Date: Fri, 02 Mar 2018 15:38:51 GMT
Via: 1.1 d9552fc5d203b7c80e0dc882434351b8.cloudfront.net (CloudFront)
Age: 49606
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Content-Length: 96388
Last-Modified: Wed, 12 Apr 2017 14:33:38 GMT
Server: AmazonS3
ETag: "aca35251952e72d9e32d41217f0f97ab"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: mupK_Q343kaeIbrswyvri4N32pLJdzs4v_9xqu0ihdRnlRn5LvH40Q==

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/png

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

Response headers

Access-Control-Allow-Origin: *
Content-Type: image/svg+xml

GET
H/1.1 200
OK j-5c8mGE0E22k4qAhXojHQ2 Show response
actions.everyaction.com/PayPalClientToken/ 2 KB
2 KB 963ms
931ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://actions.everyaction.com/PayPalClientToken/j-5c8mGE0E22k4qAhXojHQ2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

dad40afac07c105864bb54a47479c7e4477f0ab8feaef5fc0c4350c17ed60c2d

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Pragma: no-cache
Origin: https://secure.everyaction.com
Accept-Encoding: gzip, deflate
Host: actions.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; _ga=GA1.2.1886520036.1531306035; _gid=GA1.2.985153018.1531306035; _dc_gtm_UA-28243511-20=1; _gat_UA-28243511-20=1
Connection: keep-alive
Cache-Control: no-cache
Accept: */*
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Origin: https://secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Content-Encoding: gzip
X-CDN: Incapsula
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
X-Iinfo: 8-30687920-30687922 NNNN CT(88 193 0) RT(1531306035714 15) q(0 0 3 -1) r(9 9) U2
X-XSS-Protection: 0
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma: no-cache
Server: Microsoft-IIS/10.0
Date: Wed, 11 Jul 2018 10:47:16 GMT
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Expires: -1

GET
H/1.1 200
OK cc.png
d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/ 3 KB
4 KB 14ms
14ms Image
image/png 54.230.14.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/images/cc.png
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Server: 54.230.14.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-184.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Sun, 25 Mar 2018 21:43:03 GMT
Via: 1.1 4f49d21ad994575b3a6262e2408f2087.cloudfront.net (CloudFront)
Age: 67809
X-Cache: Hit from cloudfront
x-amz-storage-class: REDUCED_REDUNDANCY
Connection: keep-alive
Content-Length: 3392
Last-Modified: Thu, 30 Apr 2015 15:08:39 GMT
Server: AmazonS3
ETag: "294b44fc8703a45684537d51e363c045"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Accept-Ranges: bytes
X-Amz-Cf-Id: DOeKi9Wrg_kGTkBBLvZIizrurC2Yn64t2EQ4Yzl7vYQI_f_fodzeKw==

GET
H/1.1 200
OK fast-action.png
d1aqhv4sn5kxtx.cloudfront.net/images/ 1019 B
1 KB 13ms
13ms Image
image/png 54.230.14.184
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1aqhv4sn5kxtx.cloudfront.net/images/fast-action.png
Requested by: Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol: HTTP/1.1
Server: 54.230.14.184 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-54-230-14-184.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321

Request headers

Referer: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 17 May 2017 22:46:03 GMT
Via: 1.1 4f49d21ad994575b3a6262e2408f2087.cloudfront.net (CloudFront)
Last-Modified: Fri, 06 Feb 2015 17:50:28 GMT
Server: AmazonS3
Age: 338127
ETag: "fe324c0498d28e434d58e6d547ba19a1"
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1019
X-Amz-Cf-Id: x2b4FQvaRa2AtpQLRLBZGq5HXEo4ut9CCDaCclGA3lvr17CjSHu_Jw==

GET
H/1.1 200
OK Digital-Logo-Horizontal.png
nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/ 23 KB
24 KB 121ms
120ms Image
image/png 137.116.3.20
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/JVP/JVP/1/61881/images/Logos/Digital-Logo-Horizontal.png
Requested by: Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js
Protocol: HTTP/1.1
Server: 137.116.3.20 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS: blob.bn1prdstr05a.store.core.windows.net
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1e52d749ca33a4900f7618270d0832249e4f892c31ee1f3051d93d3533617a17

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 11 Jul 2018 10:47:15 GMT
Last-Modified: Mon, 18 Sep 2017 17:28:52 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D4FEBABB2CD773
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: f64a75f8-801e-0046-6004-1995ad000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 23661

GET
S

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1081491993&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=15...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1886520036.1531306035&jid=1605483384&_gid=985153018.1531306035&gjid=1615091074&_v=j68&z=1199348221

35 B
102 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c0c::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1886520036.1531306035&jid=1605483384&_gid=985153018.1531306035&gjid=1615091074&_v=j68&z=1199348221

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:400c:c0c::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 11 Jul 2018 10:47:16 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Jul 2018 10:47:15 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-28243511-20&cid=1886520036.1531306035&jid=1605483384&_gid=985153018.1531306035&gjid=1615091074&_v=j68&z=1199348221
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 420
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
6ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1081491993&t=pageview&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGHAAEAB~&jid=&gjid=&cid=1886520036.1531306035&tid=UA-28243511-20&_gid=985153018.1531306035&gtm=G6c5L2FSL&cd1=ContributionForm&z=1701293840

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jul 2018 11:35:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 774702
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK j-5c8mGE0E22k4qAhXojHQ2
actions.everyaction.com/v1/Track/ 0
490 B 447ms
425ms Image
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://actions.everyaction.com/v1/Track/j-5c8mGE0E22k4qAhXojHQ2

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: actions.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; _ga=GA1.2.1886520036.1531306035; _gid=GA1.2.985153018.1531306035; _dc_gtm_UA-28243511-20=1; _gat_UA-28243511-20=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Iinfo: 7-17906855-17906856 NNNN CT(87 180 0) RT(1531306035801 5) q(0 0 2 -1) r(4 4) U2
X-XSS-Protection: 0
Cache-Control: no-cache
Date: Wed, 11 Jul 2018 10:47:15 GMT
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length: 0
X-CDN: Incapsula
Expires: -1

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1081491993&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Fill&el=FastAction&ev=9&_u=aGHAAEAB~&jid=&gjid=&cid=1886520036.1531306035&tid=UA-28243511-20&_gid=985153018.1531306035&gtm=G6c5L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000188&cd5=Student%20Skillshare%202018%20Donate&cd6=j-5c8mGE0E22k4qAhXojHQ2&z=432894966

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jul 2018 11:35:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 774702
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

jot.html
platform.twitter.com/ Frame A66A
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

0
0

6ms
6ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
MCI Communication...

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software: ECS (fcn/41AD) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Origin: null
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: F653411F6E9784FF62ED2D05CFFC481D

Response headers

Accept-Ranges: bytes
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 11 Jul 2018 10:47:16 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Tue, 10 Jul 2018 21:20:19 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/41AD)
X-Cache: HIT
Content-Length: 80

Redirect headers

status: 302 302 Found
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 0
content-type: text/html;charset=utf-8
date: Wed, 11 Jul 2018 10:47:16 GMT
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 11 Jul 2018 10:47:16 GMT
location: https://platform.twitter.com/jot.html
pragma: no-cache
server: tsa_o
strict-transport-security: max-age=631138519
x-connection-hash: 9ea02170cd7c76170d5b4f329f412261
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-response-time: 111
x-transaction: 005aa292002ce321
x-tsa-request-body-time: 1
x-twitter-response-tags: BouncerCompliant
x-xss-protection: 0

GET
H/1.1 200
OK nvtag Show response
profile.ngpvan.com/v2/data/NwDEEeTkz2F1s8Nfw_5Xqpm_/ 2 B
683 B 416ms
134ms XHR
application/json 40.114.13.25
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/NwDEEeTkz2F1s8Nfw_5Xqpm_/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Server: 40.114.13.25 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Origin: https://secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Wed, 11 Jul 2018 10:47:15 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: Express, ASP.NET
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://secure.everyaction.com
Access-Control-Allow-Credentials: true
Content-Length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3,roleName=databag

GET
H/1.1 204
No Content Cookie set NwDEEeTkz2F1s8Nfw_5Xqpm_ Show response
secure.everyaction.com/Databag/Profile/ 0
633 B 108ms
107ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/Databag/Profile/NwDEEeTkz2F1s8Nfw_5Xqpm_

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
Cookie: visid_incap_823975=mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K; nlbi_823975=gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO; incap_ses_533_823975=tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==; ai_user=Vrug6|2018-07-11T10:47:15.377Z; _ga=GA1.3.1886520036.1531306035; _gid=GA1.3.985153018.1531306035; _dc_gtm_UA-62682497-4=1; _ga=GA1.2.1886520036.1531306035; _gid=GA1.2.985153018.1531306035; _dc_gtm_UA-28243511-20=1; ai_session=GMEYe|1531306035812.7|1531306035812.7; _gat_UA-28243511-20=1
Connection: keep-alive
Request-Id: |rhUN6.h31y3
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Accept: */*
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
X-Requested-With: XMLHttpRequest
Request-Id: |rhUN6.h31y3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Iinfo: 9-41277125-41277508 NNNN CT(0 0 0) RT(1531306035336 1216) q(0 0 0 -1) r(1 1) U11
X-XSS-Protection: 0
Cache-Control: private
Date: Wed, 11 Jul 2018 10:47:16 GMT
Set-Cookie: ProfileDatabagId=NwDEEeTkz2F1s8Nfw_5Xqpm_; domain=.everyaction.com; expires=Tue, 11-Jul-2028 10:47:16 GMT; path=/
X-CDN: Incapsula
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H/1.1 204
No Content NwDEEeTkz2F1s8Nfw_5Xqpm_ Show response
secure.ngpvan.com/Databag/Profile/ 0
1016 B 419ms
388ms XHR
text/plain 45.60.33.183
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.ngpvan.com/Databag/Profile/NwDEEeTkz2F1s8Nfw_5Xqpm_

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Server

45.60.33.183 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Origin: https://secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
X-Iinfo: 3-24457805-24457809 NNNN CT(87 180 0) RT(1531306036568 15) q(0 0 3 0) r(4 4) U11
X-XSS-Protection: 0
Cache-Control: private
Date: Wed, 11 Jul 2018 10:47:16 GMT
X-CDN: Incapsula
Request-Context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
S 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1081491993&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=ContributionForm&ea=Form%20Fill&el=FastAction&ev=11&_u=aGHAAEAB~&jid=&gjid=&cid=1886520036.1531306035&tid=UA-28243511-20&_gid=985153018.1531306035&gtm=G6c5L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FJVP%2FJVP%2F1%2F61881&cd4=1000188&cd5=Student%20Skillshare%202018%20Donate&cd6=j-5c8mGE0E22k4qAhXojHQ2&z=714167354

Requested by

Host: secure.everyaction.com
URL: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jul 2018 11:35:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 774703
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
S 200 collect
www.google-analytics.com/ 35 B
93 B 6ms
5ms Image
image/gif 2a00:1450:4001:812::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j68&a=1081491993&t=timing&_s=2&dl=https%3A%2F%2Fsecure.everyaction.com%2Fj-5c8mGE0E22k4qAhXojHQ2&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2423&pdt=1&dns=6&rrt=564&srt=499&tcp=23&dit=1147&clt=1147&_u=aGHAgEAB~&jid=&gjid=&cid=1886520036.1531306035&tid=UA-62682497-4&_gid=985153018.1531306035&gtm=G6cPM473M&z=304141039

Protocol

SPDY

Server

2a00:1450:4001:812::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 02 Jul 2018 11:35:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 774703
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK configuration Show response
api.braintreegateway.com/merchants/yxvcxx5ksxm985d2/client_api/v1/ 1 KB
1 KB 851ms
499ms Script
application/javascript 204.109.13.121
Braintree Payment...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.braintreegateway.com/merchants/yxvcxx5ksxm985d2/client_api/v1/configuration?authorizationFingerprint=2b0f85feeb2d6197ea128861b346d5a2478eeffec8c09e3be91473c981f3617c%7Cclient_id%3Dclient_id%24production%24dtxtmh3xhqxz2957%26created_at%3D2018-07-11T10%3A47%3A16.528133994%2B0000%26merchant_id%3Dyxvcxx5ksxm985d2&_meta%5BsessionId%5D=d26099c0-bfc4-4f3c-b44d-5621621ad629&callback=callback_jsone2b5aaff153f4eb29d019fc34d3e4e5a

Requested by

Host: d1aqhv4sn5kxtx.cloudfront.net
URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js

Protocol

HTTP/1.1

Server

204.109.13.121 , United States, ASN22510 (BRAINTREEPAYMENTSOLUTIONS - Braintree Payment Solutions, LLC, US),

Reverse DNS

api.braintreegateway.com

Software

nginx /

Resource Hash

191c076ec30741c33a77f0e16c01486674f8bd7bc0d4d05da301908480b8016a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

X-Runtime: 0.373436
Date: Wed, 11 Jul 2018 10:47:17 GMT
Content-Encoding: gzip
Server: nginx
ETag: W/"cbede7764141d0a9dd9775c0d93897e8"
X-Cache-Status: BYPASS
Vary: Accept-Encoding, Origin
Content-Type: application/javascript; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Braintree-Service-Origin: clientauth
X-Authentication: authorization_fingerprint
X-Request-Id: 96f127c6-721e-42cd-a356-29799342ea9f

OPTIONS
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 0
361 B 165ms
29ms XHR
text/plain 52.169.64.244
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

HTTP/1.1

Server

52.169.64.244 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Access-Control-Request-Method: POST
Origin: https://secure.everyaction.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type,sdk-context

Response headers

Date: Wed, 11 Jul 2018 10:47:16 GMT
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 0

POST
H/1.1 200
OK track Show response
dc.services.visualstudio.com/v2/ 96 B
569 B 3925ms
3925ms XHR
application/json 52.169.64.244
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

HTTP/1.1

Server

52.169.64.244 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
Origin: https://secure.everyaction.com
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 9F6A3E15-D9DA-4054-AC69-73DC713808A7
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Max-Age: 3600
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Date: Wed, 11 Jul 2018 10:47:20 GMT
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
Content-Length: 96

GET
H/1.1 200
OK pay-with-paypal.png
checkout.paypal.com/pwpp/2.24.1/images/ 13 KB
13 KB 192ms
162ms Image
image/png 104.108.47.187
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://checkout.paypal.com/pwpp/2.24.1/images/pay-with-paypal.png

Protocol

HTTP/1.1

Server

104.108.47.187 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a104-108-47-187.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

fbb6370dbc1f1cca405a337dce28165418b4560a41f1a90c4f8bbb15072d4987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://secure.everyaction.com/j-5c8mGE0E22k4qAhXojHQ2
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 10 Jul 2018 19:26:23 GMT
Server: nginx
ETag: "5b45085f-345b"
Content-Type: image/png
Cache-Control: max-age=86400
Date: Wed, 11 Jul 2018 10:47:17 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13403
Expires: Thu, 12 Jul 2018 10:47:17 GMT

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.everyaction.com/	1970-01-18 17:21:46	Name: _gat_UA-28243511-20 Value: 1
.everyaction.com/	1970-01-18 17:21:46	Name: _dc_gtm_UA-28243511-20 Value: 1
.everyaction.com/	1970-01-19 10:52:58	Name: _ga Value: GA1.2.1886520036.1531306035
.secure.everyaction.com/	1970-01-18 17:21:46	Name: _dc_gtm_UA-62682497-4 Value: 1
secure.everyaction.com/	1970-01-18 17:21:47	Name: ai_session Value: GMEYe\|1531306035812.7\|1531306035812.7
.everyaction.com/	1970-01-18 17:23:12	Name: _gid Value: GA1.2.985153018.1531306035
.secure.everyaction.com/	1970-01-18 17:23:12	Name: _gid Value: GA1.3.985153018.1531306035
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: gpQwKXBacGvogHRNCrJwSAAAAAAO2XbxFm+41CsawMXxTkoO
.secure.everyaction.com/	1970-01-19 10:52:58	Name: _ga Value: GA1.3.1886520036.1531306035
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_533_823975 Value: tB7yTPoRww37PxaxYpllBzLgRVsAAAAALeQXnO1eWKcuY2iHXgvRjw==
secure.everyaction.com/	1970-01-19 02:07:22	Name: ai_user Value: Vrug6\|2018-07-11T10:47:15.377Z
.everyaction.com/	1970-01-19 02:05:57	Name: visid_incap_823975 Value: mrppvu9YTDujawtlSugXXjLgRVsAAAAAQUIPAAAAAABKghaymKuDBwJgdVIWaJ+K

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Downloading: 192.7177734375ms
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 0: HeaderHtml
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 1: FooterHtml
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 2: submitForm
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 3: ContributionInformation
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 4: ContactInformation
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 5: PaymentInformation
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 6: Interests
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 66) Message: truex: 4
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 19) Message: 7: AdditionalInformation
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 89) Message: true -- true
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Processing: 31.535888671875ms
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 171) Message: no memTY
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Render: 51.8310546875ms
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 202) Message: {"fill_dict":{"SelectAmount":"10.00","IsRecurring":false,"SelectedFrequency":"4","Country":"US","Interest_4375316":true,"Amount":"0.00","IsRecurringAmount":false,"YesSignMeUpForUpdatesForBinder":true,"ExpirationMonth":"","ExpirationYear":"","PaymentMethod":"creditcard","_source":"FastAction"},"fill_source":"FastAction"}
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Fill: 66.40380859375ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Form: 343.718017578125ms
console-api	debug	URL: https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/at.js(Line 7) Message: Total: 413.3271484375ms
console-api	log	URL: https://jewishvoiceforpeace.org/wp-content/themes/soho-child/EA_Callbacks_Embed_Donate.js(Line 202) Message: {"fill_dict":{"SelectAmount":"10.00","IsRecurring":false,"SelectedFrequency":"4","Country":"US","Interest_4375316":true,"Amount":"10.00","IsRecurringAmount":false,"YesSignMeUpForUpdatesForBinder":true,"ExpirationMonth":"","ExpirationYear":"","PaymentMethod":"creditcard","SuggestedAmount":"10.00","_source":"FastAction"},"fill_source":"FastAction"}

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.everyaction.com
api.braintreegateway.com
az416426.vo.msecnd.net
checkout.paypal.com
code.jquery.com
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
dc.services.visualstudio.com
fastaction.ngpvan.com
jewishvoiceforpeace.org
nvlupin.blob.core.windows.net
platform.twitter.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
staticxx.facebook.com
stats.g.doubleclick.net
syndication.twitter.com
www.google-analytics.com
www.googletagmanager.com
104.108.47.187
104.244.42.136
137.116.3.20
152.199.19.160
173.236.239.249
204.109.13.121
205.185.208.52
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:812::2008
2a00:1450:4001:812::200e
2a00:1450:400c:c0c::9a
2a03:2880:f01c:8012:face:b00c:0:3
40.114.13.25
45.60.33.183
52.169.64.244
54.230.14.184
54.230.14.237
191c076ec30741c33a77f0e16c01486674f8bd7bc0d4d05da301908480b8016a
1e14deb2749e1521aac0ebcb8f99739494f4918fc07649ac6f51a2985085d756
1e52d749ca33a4900f7618270d0832249e4f892c31ee1f3051d93d3533617a17
25c868b823baf8d30c3af7ced6ff330ded26d08e841dfa93feea17811d7f5fb8
3106da5cc23fe93eced7e405dd2b6776a43e8c2e3eb86704b10d7549d40862e2
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
557afa4ab7c9f72d664c4b24fdac9550f4a76fd2be10eaa1e50b13fe1985c321
643ca3bddc30489dbdfa50b9b7c9803877371403531813b9c42fc814de0dd339
6446e02cc37f23e9fa477ede4857c3149164bc9df134400a816962c5c2438e23
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8e56bfbe35470230925fd927d16342b3f18d1bc0751b1405c2c26999440426b0
9edb4c1e912d340feaa267cbe8f7b04734712feb87e46f6c53a494845c233785
a09c873c89e8e69a5a39942ba76010fe17c7672090ceaaa5067b0dc2aeb359cb
a0d5abc8b0c826a3070659eb2f2be12308e146a8456323345221a478cefd59e9
a1e9c68c4addb750a7d4fa84d0de5cad530212eeb1244e65443f4ff12f1ce6ce
ad3f9f8e584be3f18ce75a18089e3a7e374933c5666bde1ecc4ce3d095e33f44
b4051910f0112afb961fd7c18fd331b8ce4eddc0b411119e443e12cb0fdd7db4
b821829de292568bf319e1388531bbf9b1c616115d47b76e7d7c611a90d4b57a
b933f3fe52eaf1df0efe524dd9b5cf455e030a66ee4cffc64b72e7c65eaf261d
d2be42c5a8a5fb6841b10fb0af34a62a9cf554ff3a6cb42be8f6d5673572da96
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
dad40afac07c105864bb54a47479c7e4477f0ab8feaef5fc0c4350c17ed60c2d
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e2841c63bf45025b5b09d79e6af84cd1718a73852111e4ac1a297596a7669853
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e407eb04623b97bc86dcc51a88f2d1cde78831876c0dde8500b8cbec8f8c3d9a
f3907adc94915b8e45e7136e8be93127bf1de52883d2a84c1893e903664d79a7
fbb6370dbc1f1cca405a337dce28165418b4560a41f1a90c4f8bbb15072d4987
fd5a1b79275eabad92ce28cd67b3364002911ae02aed15a64ceb7bc93cb3df1e
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

secure.everyaction.com Open in urlscan Pro 45.60.33.183 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

29 %HTTPS

29 %IPv6

16 Domains

20 Subdomains

17 IPs

3 Countries

3079 kBTransfer

4371 kBSize

12 Cookies

13 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.everyaction.com Open in urlscan Pro
45.60.33.183 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

29 %
HTTPS

29 %
IPv6

16
Domains

20
Subdomains

17
IPs

3
Countries

3079 kB
Transfer

4371 kB
Size

12
Cookies

49 HTTP transactions
2 data transactions