urlscan.io logo urlscan.io
SecurityTrails logo

secure.everyaction.com Open in urlscan Pro
45.60.33.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://sli.washingtonpost.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108ea169956
Effective URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&source...
Submission: On October 08 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 3 countries across 16 domains to perform 47 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.everyaction.com. The Cisco Umbrella rank of the primary domain is 72791.
TLS certificate: Issued by RapidSSL TLS ECC CA G1 on March 4th 2024. Valid for: a year.
This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2600:9000:223... 16509 (AMAZON-02)
1 1 54.205.249.138 14618 (AMAZON-AES)
1 8 45.60.33.183 19551 (INCAPSULA)
3 2600:9000:249... 16509 (AMAZON-02)
2 2600:9000:266... 16509 (AMAZON-02)
1 54.231.162.81 16509 (AMAZON-02)
1 198.54.115.224 22612 (NAMECHEAP...)
2 20.209.68.129 8075 (MICROSOFT...)
1 2a04:4e42:600... 54113 (FASTLY)
1 18.172.112.95 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
5 142.250.185.131 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
1 2600:9000:266... 16509 (AMAZON-02)
2 18.245.31.78 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:225... 16509 (AMAZON-02)
2 20.50.88.245 8075 (MICROSOFT...)
47 17
1    2600:9000:223e:7e00:7:ece:8500:93a1 (United States)

ASN16509 (AMAZON-02, US)
sli.washingtonpost.com
1    54.205.249.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-249-138.compute-1.amazonaws.com
p.liadm.com
8    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
secure.everyaction.com
advocator.ngpvan.com
3    2600:9000:2490:3e00:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.everyaction.com
2    2600:9000:266e:fe00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    54.231.162.81 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
thl-file-server.s3.amazonaws.com
1    198.54.115.224 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server111-3.web-hosting.com
thlclarity.com
2    20.209.68.129 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    18.172.112.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-95.fra60.r.cloudfront.net
js.verygoodvault.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
fonts.gstatic.com
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2600:9000:266e:ee00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    18.245.31.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-78.fra56.r.cloudfront.net
cmp.osano.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2600:9000:2251:9c00:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)
d3rse9xjbp8270.cloudfront.net
2    20.50.88.245 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
10 everyaction.com
secure.everyaction.com — Cisco Umbrella Rank: 72791
static.everyaction.com — Cisco Umbrella Rank: 62898
337 KB
5 gstatic.com
fonts.gstatic.com
204 KB
5 osano.com
cmp.osano.com — Cisco Umbrella Rank: 5278
75 KB
4 cloudfront.net
d3rse9xjbp8270.cloudfront.net
116 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
296 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 785
200 B
2 windows.net
nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 81185
5 MB
1 ngpvan.com
advocator.ngpvan.com — Cisco Umbrella Rank: 565904
7 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 3081
47 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
3 KB
1 verygoodvault.com
js.verygoodvault.com — Cisco Umbrella Rank: 25047
44 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 311
17 KB
1 thlclarity.com
thlclarity.com
9 KB
1 amazonaws.com
thl-file-server.s3.amazonaws.com
3 KB
1 liadm.com
p.liadm.com — Cisco Umbrella Rank: 11922
504 B
1 washingtonpost.com
sli.washingtonpost.com — Cisco Umbrella Rank: 79936
690 B
47 16
Domain Requested by
7 secure.everyaction.com 1 redirects secure.everyaction.com
cmp.osano.com
5 fonts.gstatic.com secure.everyaction.com
fonts.googleapis.com
5 cmp.osano.com secure.everyaction.com
cmp.osano.com
4 d3rse9xjbp8270.cloudfront.net cmp.osano.com
d3rse9xjbp8270.cloudfront.net
3 www.googletagmanager.com cmp.osano.com
3 static.everyaction.com secure.everyaction.com
cmp.osano.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 nvlupin.blob.core.windows.net secure.everyaction.com
1 advocator.ngpvan.com static.everyaction.com
1 az416426.vo.msecnd.net cmp.osano.com
1 fonts.googleapis.com secure.everyaction.com
1 js.verygoodvault.com secure.everyaction.com
1 cdn.jsdelivr.net secure.everyaction.com
1 thlclarity.com secure.everyaction.com
1 thl-file-server.s3.amazonaws.com secure.everyaction.com
1 p.liadm.com 1 redirects
1 sli.washingtonpost.com 1 redirects
47 17
Subject Issuer Validity Valid
*.everyaction.com
RapidSSL TLS ECC CA G1		 2024-03-04 -
2025-03-03		 a year crt.sh
static.everyaction.com
Amazon RSA 2048 M03		 2024-04-08 -
2025-05-07		 a year crt.sh
*.osano.com
Amazon RSA 2048 M02		 2024-09-17 -
2025-10-16		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2024-04-22 -
2025-04-07		 a year crt.sh
thlclarity.com
Sectigo RSA Domain Validation Secure Server CA		 2024-05-20 -
2025-05-20		 a year crt.sh
*.blob.core.windows.net
Microsoft Azure RSA TLS Issuing CA 08		 2024-03-27 -
2025-03-22		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3		 2024-07-30 -
2025-08-31		 a year crt.sh
*.verygoodvault.com
Amazon RSA 2048 M02		 2023-12-19 -
2025-01-16		 a year crt.sh
upload.video.google.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.gstatic.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.ngpvan.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-11-07 -
2024-11-06		 a year crt.sh
*.google-analytics.com
WR2		 2024-09-24 -
2024-12-17		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-09-08 -
2025-09-03		 a year crt.sh

This page contains 2 frames:

Primary Page: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Frame ID: 3B5712D72AFF99104190AB96B8667EE1
Requests: 37 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 71A2F97B4B3EED79697B0F556F1BE010
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

TAKE ACTION: Pass the OCTOPUS Act!

Page URL History Show full URLs

  1. https://sli.washingtonpost.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108... HTTP 301
    https://p.liadm.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108... HTTP 302
    https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaig... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • /marked(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

47
Requests

77 %
HTTPS

50 %
IPv6

16
Domains

17
Subdomains

17
IPs

3
Countries

6124 kB
Transfer

8371 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://sli.washingtonpost.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108ea169956 HTTP 301
    https://p.liadm.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108ea169956&_lc2_fpi=4dc617f0d833--01j9phbqvmg7h4wxj9mc8v5haq&i6=MjAwMTphYzg6MjA6MjcyOjoyZQ%3D%3D HTTP 302
    https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://secure.everyaction.com/favicon.ico HTTP 301
  • https://secure.everyaction.com/Content/images/favicon.ico

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 2JGEQUBSsUCU318gN6bAvA2
secure.everyaction.com/
Redirect Chain
  • https://sli.washingtonpost.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108ea169956
  • https://p.liadm.com/click?s=107220&li=most&m=08adb59d43e458ee8fd62ec49b8708b1&p=6705558147835108ea169956&_lc2_fpi=4dc617f0d833--01j9phbqvmg7h4wxj9mc8v5haq&i6=MjAwMTphYzg6MjA6MjcyOjoyZQ%3D%3D
  • https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
59 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
ebfed7bbe1e7abc75eb8f19725e1c90bbf60130a108283713db11549b5b672f3
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-expose-headers
Request-Context
cache-control
public, max-age=10
content-encoding
gzip
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type
text/html; charset=utf-8
date
Tue, 08 Oct 2024 17:03:24 GMT
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-iinfo
12-109588397-109588400 NNNN CT(87 184 0) RT(1728407003783 10) q(0 0 3 1) r(5 5) U18
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 08 Oct 2024 17:03:23 GMT
Location
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
at.js
static.everyaction.com/ea-actiontag/ 		835 KB
241 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
68f13905b2570ab563f511b8996074ea7ea7f98a395f4b68534f19fa45b9e69f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"cdaf898d377d7359d5c1eaa143a09ecf"
age
8950
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
1OhUWcOgJn39q_JFO-rPB9L3asJqL8B-H2_nrD7uPDXBcEBZ8O6Ahw==
date
Tue, 08 Oct 2024 14:34:15 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 08 Oct 2024 14:34:10 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 409b27093eb36cec367cdee5f3ecf8b2.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
245544
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
at.min.css
static.everyaction.com/ea-actiontag/ 		59 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/at.min.css
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
852203965f53437340cea9465991479a7a384d3ce6fe7aff55641ea05723a017

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"377a3c0328b2cec25d0f1f49dc0e7463"
age
8950
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
C71X2y5gaV19c6gLGdvnBZyzAXK66xccSQVf6wSqaXxBjHOUyJ3ShQ==
date
Tue, 08 Oct 2024 14:34:15 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 08 Oct 2024 14:34:10 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
11715
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
osano.js
cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/ 		175 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6db7c3dc9119ef627da8cb18229f495d3d919aa016412bb65d1929843fd96102
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
br
etag
"bb16fc094122eefdc9f195feaa705876"
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
CitpGGWPZZa0e4Y48SkqHTjy3Q8EVJ5A1fmGoV-IoQrbN_9KNV8Skw==
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
application/javascript; charset=utf-8
last-modified
Mon, 09 Sep 2024 15:26:02 GMT
vary
Origin
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
cross-origin-resource-policy
cross-origin
referrer-policy
strict-origin-when-cross-origin
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
content-length
47794
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
CloudFront
thl-no-icon.css
thl-file-server.s3.amazonaws.com/osano/ 		3 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thl-file-server.s3.amazonaws.com/osano/thl-no-icon.css
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.231.162.81 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
e84e457deeb5f0e627f2dc74f3e3ce3544de446c51ce193b5ba0b6bb02ad505c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

ETag
"78509e7d2168cccd6724afa6c4a1e80d"
x-amz-request-id
BZCXQPBE1HPB2F60
Accept-Ranges
bytes
Content-Length
2764
Date
Tue, 08 Oct 2024 17:03:25 GMT
Last-Modified
Wed, 10 Aug 2022 16:48:43 GMT
Content-Type
text/css
Server
AmazonS3
x-amz-id-2
DJyyeWbTPUklQvI18lvc2nv+fxS7fsL+vSOdabs3lV03PQ8RKgQLSZo6qwvD7AfScXmyaqhZ5Og=
asa.js
thlclarity.com/analytics/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thlclarity.com/analytics/asa.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
198.54.115.224 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS
server111-3.web-hosting.com
Software
LiteSpeed /
Resource Hash
f6c7d0c619a0fd65b97242bfcfe489a940b63e2501aa72cc9751c7a0b21c7406

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
br
accept-ranges
bytes
content-length
9121
date
Tue, 08 Oct 2024 17:03:07 GMT
x-turbo-charged-by
LiteSpeed
content-type
text/javascript
last-modified
Thu, 04 Apr 2024 19:06:47 GMT
vary
Accept-Encoding
server
LiteSpeed
dev-24-octopus-form-image-every-action-web-resize.jpg
nvlupin.blob.core.windows.net/images/van/EA/EA001/1/59834/images/Advocacy%20-%20Narrative%20Intro/ 		5 MB
5 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/EA/EA001/1/59834/images/Advocacy%20-%20Narrative%20Intro/dev-24-octopus-form-image-every-action-web-resize.jpg
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ee5c9b8387c1031d0452d64ff28afd7eed38f5ebe262da08c75679697c4b1a5e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8DCB8CE8E2C7691
x-ms-request-id
6fa5ec31-f01e-002b-0da3-19e55c000000
Access-Control-Allow-Origin
*
Content-Length
5067188
Date
Tue, 08 Oct 2024 17:03:24 GMT
Content-Type
image/jpeg
Last-Modified
Fri, 09 Aug 2024 23:54:06 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
marked.min.js
cdn.jsdelivr.net/npm/marked@3.0.7/ 		46 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/marked@3.0.7/marked.min.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
140ae809612adf5f9abbd4dc06e2dcb92f96bdf56f19a56563db55f609ed259f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"b68a-PSozqkZmvTN5LDpYB4zKHyfqwIA"
age
1302341
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230117-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
16590
x-jsd-version
3.0.7
vgs-collect.js
js.verygoodvault.com/vgs-collect/2.18.4/ 		134 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.172.112.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-172-112-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/

Response headers

Content-Encoding
gzip
x-amz-version-id
jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
ETag
W/"156be461dd96d02fce3792c020f7748a"
Age
43
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
uADAfWCBLaSSkyTZKoyGyja078tPM5YQkRdmWVHIKgvtbP7OXThggA==
Date
Tue, 08 Oct 2024 17:02:42 GMT
Content-Type
application/javascript
Vary
Accept-Encoding
Last-Modified
Thu, 16 Mar 2023 10:29:55 GMT
Transfer-Encoding
chunked
Cache-Control
max-age=60
Connection
keep-alive
Via
1.1 413634bfcacd752107ee361d53948cee.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
FRA60-P8
Server
AmazonS3
x-amz-server-side-encryption
AES256
_Incapsula_Resource
secure.everyaction.com/ 		79 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=222924603
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
6e72e662c3558f38107c904925bfe5104b91e14408863cfefeeda10ad95847b5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-encoding
gzip
content-length
19124
content-type
application/javascript
847f9205-924b-4d74-b7a8-8660774f3f46
https://secure.everyaction.com/ Frame 		0
0
css2
fonts.googleapis.com/ 		27 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Noto+Serif:ital@1&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e9cce4ec84d8e1259175b2e3c655d6859c0cab0cba42804b7a001b38a3986b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 08 Oct 2024 17:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 08 Oct 2024 17:03:24 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
access-control-allow-origin
*
x-xss-protection
0
server
ESF
33812882-daa7-49a4-9027-c778605ea105
https://secure.everyaction.com/ Frame 		0
0
252bdc76-8fb7-4c8d-80b3-c20fa11540ad
https://secure.everyaction.com/ Frame 		0
0
narrative-shadow.png
nvlupin.blob.core.windows.net/images/van/EA/EA001/1/59834/images/Advocacy%20-%20Narrative%20Intro/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/EA/EA001/1/59834/images/Advocacy%20-%20Narrative%20Intro/narrative-shadow.png
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
20.209.68.129 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2477ffac95d6fa9b7196c793d13b3de179c1e5ec67bf27a5737fafa911a9918b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
ETag
0x8D881A6D5491C76
x-ms-request-id
94d1f01b-b01e-0067-68a3-19756c000000
Access-Control-Allow-Origin
*
Content-Length
16985
Date
Tue, 08 Oct 2024 17:03:24 GMT
Content-Type
image/png
Last-Modified
Thu, 05 Nov 2020 16:21:21 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type
BlockBlob
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b89cfec5c3663d9bc91c9c1c4b1d32bc52bdd46547d60101bde79bca3e5a2d41

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
truncated
/ 		542 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e374c1c5e2146ffad98eeecfe55542adcb3ec9dfe9f9eddbc70d67dea3e2b2d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
mem8YaGs126MiZpBA-U1Ug.ttf
fonts.gstatic.com/s/opensans/v18/ 		91 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-U1Ug.ttf
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
b31b29a36863fed7e0d370f54e142ef7028b72915293aac0c441c0599f4cab13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/

Response headers

content-encoding
gzip
age
47028
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 03:59:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 03:59:36 GMT
last-modified
Tue, 15 Sep 2020 18:09:25 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
57484
x-xss-protection
0
server
sffe
JTURjIg1_i6t8kCHKm45_dJE7g4.ttf
fonts.gstatic.com/s/montserrat/v15/ 		141 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_dJE7g4.ttf
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
b2736680e9b34afe93ae3f8e7352051512c85f4029cb37fd57142f76889c244a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/

Response headers

content-encoding
gzip
age
325208
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 04 Oct 2025 22:43:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 04 Oct 2024 22:43:16 GMT
last-modified
Tue, 15 Sep 2020 18:11:10 GMT
content-type
font/ttf
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
71833
x-xss-protection
0
server
sffe
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		120 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C5) /
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-md5
MPOa5dHQWkOQRqdkBRC0hg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-lease-status
unlocked
etag
0x8DC490392FC747D
age
1409
x-ms-version
2009-09-19
expires
Tue, 08 Oct 2024 17:33:24 GMT
x-cache
HIT
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
text/javascript; charset=utf-8
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
vary
Accept-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-ms-meta-lastmodified
2020-10-07 00:07:47
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-ms-request-id
4bed56f4-401e-00d1-0ba0-194fcb000000
access-control-allow-origin
*
x-ms-meta-aijssdkver
2.8.18
content-length
48078
x-ms-blob-type
BlockBlob
server
ECAcc (ama/48C5)
extra.min.css
static.everyaction.com/ea-actiontag/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:3e00:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6ae51e8a3a61dffc7234fba32b66fbe9bb01eed427b968588d58c7a3ff9f7f5f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"c45841c69f7a83bba8d38539cc1fe2d0"
age
8949
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
EP_GiCvmOANA5mh8w_uP-ibSvN0S4rwEsj4gf2iGvROiANNUmSPDRA==
date
Tue, 08 Oct 2024 14:34:16 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 08 Oct 2024 14:34:10 GMT
cache-control
max-age=900, s-maxage=86400, public
via
1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
14169
x-amz-cf-pop
FRA56-P6
server
AmazonS3
x-amz-server-side-encryption
AES256
ngpForm
advocator.ngpvan.com/https%3a%2f%2fsecure.everyaction.com%2fv1%2fForms%2f2JGEQUBSsUCU318gN6bAvA2/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://advocator.ngpvan.com/https%3a%2f%2fsecure.everyaction.com%2fv1%2fForms%2f2JGEQUBSsUCU318gN6bAvA2/ngpForm?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Requested by
Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Cowboy / Express
Resource Hash
573685349c5006116233dcecf3a2879bbeeb7a61bbaaaf9b521a6336da4e4e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.everyaction.com/

Response headers

Content-Encoding
gzip
Etag
W/"4bdb-FIt9IvkvyQKOR1wXoQEN+M6Uc1g"
Report-To
{"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1728407005&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=wXTMEj5%2BQRHRGs%2FuZjRH2HnUfn%2FJCfktdxJE42zlG54%3D"}]}
Date
Tue, 08 Oct 2024 17:03:25 GMT
Content-Type
application/json; charset=utf-8
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=31536000; includeSubDomains
Reporting-Endpoints
heroku-nel=https://nel.heroku.com/reports?ts=1728407005&sid=af571f24-03ee-46d1-9f90-ab9030c2c74c&s=wXTMEj5%2BQRHRGs%2FuZjRH2HnUfn%2FJCfktdxJE42zlG54%3D
X-Iinfo
10-69509693-69509698 NNYN CT(101 98 0) RT(1728407004742 10) q(0 0 2 3) r(2 5) U4
Nel
{"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
X-CDN
Imperva
Connection
keep-alive
Access-Control-Allow-Credentials
true
Via
1.1 vegur
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Allow-Origin
https://secure.everyaction.com
X-Powered-By
Express
Server
Cowboy
0f8f3dca-70bd-416f-a91c-60b072f3e8eb
https://secure.everyaction.com/ Frame 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Noto+Serif:ital@1&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://fonts.googleapis.com/

Response headers

age
68641
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 07 Oct 2025 21:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 07 Oct 2024 21:59:23 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
fonts.gstatic.com/s/montserrat/v26/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCuM73w5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Noto+Serif:ital@1&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://fonts.googleapis.com/

Response headers

age
32581
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:00:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:00:23 GMT
last-modified
Wed, 13 Sep 2023 22:45:17 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15240
x-xss-protection
0
server
sffe
ga6saw1J5X9T9RW6j9bNfFIMZhhWnFTyNZIQD1-_FXP0RgnaOg9MYBNLg_cIrqs.woff2
fonts.gstatic.com/s/notoserif/v23/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6saw1J5X9T9RW6j9bNfFIMZhhWnFTyNZIQD1-_FXP0RgnaOg9MYBNLg_cIrqs.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@700&family=Noto+Serif:ital@1&family=Open+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
29b181ec0228a0aadf3142376dffcf1439caa4d3b23699a4e07e17accf28c9de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://secure.everyaction.com
Referer
https://fonts.googleapis.com/

Response headers

age
32034
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 08 Oct 2025 08:09:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 08:09:30 GMT
last-modified
Tue, 24 Oct 2023 00:58:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
15640
x-xss-protection
0
server
sffe
/
cmp.osano.com/ Frame 71A2 		0
0
/
cmp.osano.com/ Frame 71A2 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:ee00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.everyaction.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
55781
alt-svc
h3=":443"; ma=86400
content-encoding
br
content-type
text/html
date
Tue, 08 Oct 2024 08:07:47 GMT
etag
W/"a0cbc82c3c7bce3b368e2118b3cb29d3"
last-modified
Mon, 19 Aug 2024 22:15:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding Origin
via
1.1 383422f03bfc9d77974d0ac637421c22.cloudfront.net (CloudFront)
x-amz-cf-id
CYWpWQVXd0wtrKK71Ga4xcxB27CaJi6DG1E2iyMRZl8FdzPXTEJMYQ==
x-amz-cf-pop
FRA56-P8
x-amz-server-side-encryption
AES256
x-amz-version-id
IV.sz0dqhMjQD06H4vRdCjcmpoMDLZ8n
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
osano-ui.js
cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano-ui.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:266e:fe00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c804de41e1bc5390711cda3a4eea45eff457681831c8de4d4bbe70b227a4064
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
br
x-amz-version-id
f2jYLa9__heHjokcx8v8wEgg581aj0j3
etag
W/"220f66274cf78dd6e5608e0a7c45b442"
age
43065
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
BlLHwFdVtryMzkjLaqZcn7AyhDCFRKyd8-tvY1YzVJLlD2uLvDFsOw==
date
Tue, 08 Oct 2024 05:05:40 GMT
content-type
application/javascript
vary
Accept-Encoding, Origin
last-modified
Mon, 09 Sep 2024 15:25:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=86400, no-transform, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
de.json
cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/de.json
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.31.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
09d3f194bfa3ec32a8d7f554d80878c0104f515f7430a96f3b11cb507c1185a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json
Content-Type
application/json

Response headers

access-control-max-age
86400
content-encoding
br
etag
W/"55ac4e672aba8a64f95dcf47383dc112"
x-amz-version-id
2LibYWsPWtD7BslkPC5J4sbvXkwh_Ngg
age
16774
access-control-allow-methods
GET
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
FhJOnxV1_JTMe-7WKoqxgEjZ_92bLethdTiHWFHct2WSIReDFsI99A==
date
Tue, 08 Oct 2024 12:23:51 GMT
content-type
application/json
vary
Accept-Encoding
last-modified
Mon, 09 Sep 2024 15:25:58 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
cache-control
max-age=86400, no-transform, public
referrer-policy
strict-origin-when-cross-origin
via
1.1 e030504e72fa75d92c1856a58b964932.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA56-P8
server
AmazonS3
x-amz-server-side-encryption
AES256
de.json
cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/de.json
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.245.31.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://secure.everyaction.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 08 Oct 2024 17:03:25 GMT
referrer-policy
strict-origin-when-cross-origin
server
AmazonS3
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
via
1.1 e030504e72fa75d92c1856a58b964932.cloudfront.net (CloudFront)
x-amz-cf-id
LSfyAt20EBy-_7jKH8Uue-Ow35RRJY-sgIqWuOZajvtATSCZo1WyzQ==
x-amz-cf-pop
FRA56-P8
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		294 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KHJCFNQ
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
49cfb95502cef3b6d2a25856ca934f074e5a02391b2c86227e602a10bab50621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 08 Oct 2024 17:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 16:18:03 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104936
x-xss-protection
0
server
Google Tag Manager
_Incapsula_Resource
secure.everyaction.com/ 		81 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=222924603
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
776ba0e0752f637f65d8aadd1093a9f08bef8cba5452eb59ecfdaeafcc6485ca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-encoding
gzip
content-length
19515
content-type
application/javascript
972d5211-0f3e-4605-9971-32398336bb97
https://secure.everyaction.com/ Frame 		0
0
fe6108f1-6cf8-4fa4-89cc-b298b3dc7cfa
https://secure.everyaction.com/ Frame 		0
0
93ea99e1-f366-4984-8e03-7da36c63615f
https://secure.everyaction.com/ Frame 		0
0
ead1a7bf-c7af-4a1c-82b1-b1ece5d3708d
https://secure.everyaction.com/ Frame 		0
0
6e874928-0943-4694-afc6-d132fad4b4d2
https://secure.everyaction.com/ Frame 		0
0
js
www.googletagmanager.com/gtag/ 		286 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DDYQL56F1P&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0aa44288544a96f2c37671b8a2c1af1df12a03178a1b2ac20336c0db0a412d38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 08 Oct 2024 17:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100153
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/ 		274 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-854231331&l=dataLayer&cx=c
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e51494a1710d53b680a563eddf608e89f9a6c8a94321c1aaa74036c9f477890b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Tue, 08 Oct 2024 17:03:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 08 Oct 2024 17:03:24 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 08 Oct 2024 16:34:30 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96259
x-xss-protection
0
server
Google Tag Manager
_Incapsula_Resource
secure.everyaction.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.03339878851583511
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f

Response headers

x-robots-tag
noindex
cache-control
no-cache, no-store
content-length
1
content-type
text/plain
intlTelInput.min.css
d3rse9xjbp8270.cloudfront.net/assets/styles/ 		19 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

access-control-max-age
3000
etag
"7e7462900c78bbf73c9dfde6c0b617fc"
age
8950
access-control-allow-methods
GET
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
19755
x-amz-cf-id
J_4-cA5iqDUB-wPAKffOn_eHrAupTwka5fDvTwPTcH7-XLiOkav6eA==
date
Tue, 08 Oct 2024 14:34:16 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 06 Jul 2022 18:06:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
intlTelInput.js
d3rse9xjbp8270.cloudfront.net/assets/js/ 		87 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/js/intlTelInput.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"0d84f90a2a517cacd498722e0fe0500e"
age
8950
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
q4xrMR7oH6_sJ_ocoVe5n1IRfrl6tPxx4RYf_AnN_VFUFTJmlr5Q_w==
date
Tue, 08 Oct 2024 14:34:16 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 11 Apr 2023 14:36:04 GMT
cache-control
max-age=31536000
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20855
x-amz-cf-pop
FRA60-P3
server
AmazonS3
x-amz-server-side-encryption
AES256
intl-tel.input.utils.js
d3rse9xjbp8270.cloudfront.net/assets/js/ 		245 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by
Host: cmp.osano.com
URL: https://cmp.osano.com/169lN3T6IpRgI1oGH/be3d6a55-0e7a-4c46-95a3-0433c265f52b/osano.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/

Response headers

access-control-max-age
3000
content-encoding
gzip
etag
"4b9bf850ee4aa76202eb0e6f5948bfa8"
age
2851903
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
uznwmYPSVnxFnZwPCbHLewwVN5MMkwpFvqZSXlVT7dWCu5ASNNyWTw==
date
Thu, 05 Sep 2024 16:51:43 GMT
content-type
application/javascript; charset=utf-8
last-modified
Tue, 12 Apr 2022 14:32:46 GMT
cache-control
max-age=31536000
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
56004
x-amz-cf-pop
FRA60-P3
server
AmazonS3
truncated
/ 		784 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
2JGEQUBSsUCU318gN6bAvA2
secure.everyaction.com/v1/Track/ 		0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/v1/Track/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external%20email&utm_campaign=octopus%20act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f&formSessionId=743289d1-f2c6-49aa-ad11-cfe0a7ac0f89&bName=chrome&dType=desktop&formVersion=9/4/2024%2012:58:00%20AM|4/29/2024%204:23:35%20PM&fUrl=aHR0cHM6Ly9zZWN1cmUuZXZlcnlhY3Rpb24uY29tLzJKR0VRVUJTc1VDVTMxOGdONmJBdkEyP21zPWNfcGFpZF93YXBvJnV0bV9tZWRpdW09ZXh0ZXJuYWwrZW1haWwmdXRtX2NhbXBhaWduPW9jdG9wdXMrYWN0JnNvdXJjZWlkPTEwNjUwNzAmbGlfZGlkPWE3M2NmNGI5LWIwYWItMzY0YS1hZGJlLTgzMGNmOWE0YmUxZg%3D%3D&fRef=
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f

Response headers

strict-transport-security
max-age=31536000
x-iinfo
12-109588397-109588400 PNNN RT(1728407003783 1641) q(0 0 0 -1) r(2 2) U2
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
access-control-expose-headers
Request-Context
cache-control
no-cache
pragma
no-cache
x-cdn
Imperva
x-content-type-options
nosniff
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
expires
-1
content-length
0
date
Tue, 08 Oct 2024 17:03:24 GMT
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
flags.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/flags.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2251:9c00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css

Response headers

access-control-max-age
3000
etag
"4e54a2ee652e9cddbd4ef6f8c46e5390"
age
2879095
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
I4Oa9n8G49PTZ8NotYm5lTgRuflWgK-hcgU72xm29rjWG8upOmfdQg==
date
Thu, 05 Sep 2024 09:18:31 GMT
content-type
image/png
last-modified
Thu, 03 Oct 2019 17:12:45 GMT
cache-control
public,max-age=31536000
via
1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
20389
x-amz-cf-pop
FRA60-P3
server
AmazonS3
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://secure.everyaction.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Tue, 08 Oct 2024 17:03:25 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.245 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
4f64a885c05496d42e554da814d208a8b83685bdc281d56f870868b5513eca88
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-type
application/json
Sdk-Context
appId

Response headers

strict-transport-security
max-age=31536000
access-control-allow-origin
*
date
Tue, 08 Oct 2024 17:03:25 GMT
content-type
application/json; charset=utf-8
server
Microsoft-HTTPAPI/2.0
x-content-type-options
nosniff
favicon.ico
secure.everyaction.com/Content/images/
Redirect Chain
  • https://secure.everyaction.com/favicon.ico
  • https://secure.everyaction.com/Content/images/favicon.ico
15 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Content/images/favicon.ico
Protocol
H2
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://secure.everyaction.com/2JGEQUBSsUCU318gN6bAvA2?ms=c_paid_wapo&utm_medium=external+email&utm_campaign=octopus+act&sourceid=1065070&li_did=a73cf4b9-b0ab-364a-adbe-830cf9a4be1f

Response headers

x-iinfo
12-109588397-0 0CNN RT(1728407003783 2491) q(0 -1 -1 -1) r(0 -1)
access-control-expose-headers
Request-Context
etag
"025b43a794db1:0"
x-cdn
Imperva
content-length
15086
date
Tue, 08 Oct 2024 17:03:26 GMT
last-modified
Wed, 11 Sep 2024 18:34:26 GMT
content-type
image/x-icon

Redirect headers

x-iinfo
12-109588397-109588400 PNNN RT(1728407003783 2167) q(0 0 0 -1) r(3 3) U11
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
location
https://secure.everyaction.com/Content/images/favicon.ico
x-cdn
Imperva
content-length
180
date
Tue, 08 Oct 2024 17:03:25 GMT
content-type
text/html; charset=UTF-8
server
Microsoft-IIS/10.0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/847f9205-924b-4d74-b7a8-8660774f3f46
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/33812882-daa7-49a4-9027-c778605ea105
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/252bdc76-8fb7-4c8d-80b3-c20fa11540ad
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/0f8f3dca-70bd-416f-a91c-60b072f3e8eb
Domain
cmp.osano.com
URL
https://cmp.osano.com/
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/972d5211-0f3e-4605-9971-32398336bb97
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/fe6108f1-6cf8-4fa4-89cc-b298b3dc7cfa
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/93ea99e1-f366-4984-8e03-7da36c63615f
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/ead1a7bf-c7af-4a1c-82b1-b1ece5d3708d
Domain
secure.everyaction.com
URL
blob:https://secure.everyaction.com/6e874928-0943-4694-afc6-d132fad4b4d2

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| webpackChunk_osano_cmp_consent_manager function| Osano function| __uspapi object| dataLayer function| cookieSettingsAcceptCookiesAi string| appInsightsSDK object| appInsights function| handleScriptLoadError function| marked function| responsiveIframes function| wrap function| removeFadeOut function| loadingScreen function| parseMarkdown function| moveHeaderAndFooter function| anchorForm function| duplicatePhotoCredit function| takeActionLinks object| takeAction function| scrollEvents function| debounce function| facebookShareLinks function| twitterShareLinks function| emailShareLinks boolean| hasRun function| init object| nvtag_callbacks object| VgForm object| SecureForm object| VGSCollect function| _ object| Backbone object| CSSModal object| nvtag object| _gaq object| nvtag_plugins object| Microsoft object| __dynProto$Gbl object| litHtmlVersions object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| _0x0271 function| _0x1027 object| numberA function| onYouTubeIframeAPIReady object| gaGlobal object| formview object| intlTelInputGlobals function| intlTelInput object| intlTelInputUtils

5 Cookies

Domain/Path Name / Value
.washingtonpost.com/ Name: _lc2_fpi
Value: 4dc617f0d833--01j9phbqvmg7h4wxj9mc8v5haq
.liadm.com/ Name: lidid
Value: 8fc221ee-aac1-404b-a943-b5c409fb4606
.everyaction.com/ Name: visid_incap_823975
Value: Tel4uItvSHGmsdADBsbKittlBWcAAAAAQUIPAAAAAADkRfSoGkTsQLpeUM1S8Wo1
.everyaction.com/ Name: nlbi_823975
Value: VceCBDN363BiLJKzxwoUeQAAAACHyJyiufsX0TSkOs4f07Me
.everyaction.com/ Name: incap_ses_8219_823975
Value: FSD1HttOjBsh5mzeBsEPctxlBWcAAAAA/RzYTYCe6amdd5c+dwGl3g==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

advocator.ngpvan.com
az416426.vo.msecnd.net
cdn.jsdelivr.net
cmp.osano.com
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
fonts.googleapis.com
fonts.gstatic.com
js.verygoodvault.com
nvlupin.blob.core.windows.net
p.liadm.com
secure.everyaction.com
sli.washingtonpost.com
static.everyaction.com
thl-file-server.s3.amazonaws.com
thlclarity.com
www.googletagmanager.com
cmp.osano.com
secure.everyaction.com
142.250.185.131
18.172.112.95
18.245.31.78
198.54.115.224
20.209.68.129
20.50.88.245
2600:9000:223e:7e00:7:ece:8500:93a1
2600:9000:2251:9c00:12:303c:8700:21
2600:9000:2490:3e00:3:1d53:4780:93a1
2600:9000:266e:ee00:3:b7e:8940:93a1
2600:9000:266e:fe00:3:b7e:8940:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:812::2008
2a00:1450:4001:82b::200a
2a04:4e42:600::485
45.60.33.183
54.205.249.138
54.231.162.81
09d3f194bfa3ec32a8d7f554d80878c0104f515f7430a96f3b11cb507c1185a9
0aa44288544a96f2c37671b8a2c1af1df12a03178a1b2ac20336c0db0a412d38
0e536a139bbeaa0fb9d847a1a53a4704dc91fa6cb7faf4524984993d7dad9eca
140ae809612adf5f9abbd4dc06e2dcb92f96bdf56f19a56563db55f609ed259f
1e9cce4ec84d8e1259175b2e3c655d6859c0cab0cba42804b7a001b38a3986b7
2477ffac95d6fa9b7196c793d13b3de179c1e5ec67bf27a5737fafa911a9918b
29b181ec0228a0aadf3142376dffcf1439caa4d3b23699a4e07e17accf28c9de
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
49cfb95502cef3b6d2a25856ca934f074e5a02391b2c86227e602a10bab50621
4f64a885c05496d42e554da814d208a8b83685bdc281d56f870868b5513eca88
573685349c5006116233dcecf3a2879bbeeb7a61bbaaaf9b521a6336da4e4e86
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
5c804de41e1bc5390711cda3a4eea45eff457681831c8de4d4bbe70b227a4064
68f13905b2570ab563f511b8996074ea7ea7f98a395f4b68534f19fa45b9e69f
6ae51e8a3a61dffc7234fba32b66fbe9bb01eed427b968588d58c7a3ff9f7f5f
6db7c3dc9119ef627da8cb18229f495d3d919aa016412bb65d1929843fd96102
6e72e662c3558f38107c904925bfe5104b91e14408863cfefeeda10ad95847b5
776ba0e0752f637f65d8aadd1093a9f08bef8cba5452eb59ecfdaeafcc6485ca
7bf94a4aa6a0872064d045aab0bdc4f8518a5524848b2ad5bf494e552fa6364e
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
852203965f53437340cea9465991479a7a384d3ce6fe7aff55641ea05723a017
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
a60b1ba9daa11468bf1b846e8515e51b97023f341f2962a9623b9d8aaa7904ad
b2736680e9b34afe93ae3f8e7352051512c85f4029cb37fd57142f76889c244a
b31b29a36863fed7e0d370f54e142ef7028b72915293aac0c441c0599f4cab13
b89cfec5c3663d9bc91c9c1c4b1d32bc52bdd46547d60101bde79bca3e5a2d41
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136
e374c1c5e2146ffad98eeecfe55542adcb3ec9dfe9f9eddbc70d67dea3e2b2d8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e51494a1710d53b680a563eddf608e89f9a6c8a94321c1aaa74036c9f477890b
e84e457deeb5f0e627f2dc74f3e3ce3544de446c51ce193b5ba0b6bb02ad505c
ebfed7bbe1e7abc75eb8f19725e1c90bbf60130a108283713db11549b5b672f3
ee5c9b8387c1031d0452d64ff28afd7eed38f5ebe262da08c75679697c4b1a5e
f6c7d0c619a0fd65b97242bfcfe489a940b63e2501aa72cc9751c7a0b21c7406
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc