45.65.114.69.sslip.io Open in urlscan Pro
45.65.114.69  Public Scan

20 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 54

• https://l.sharethis.com/pview?event=pview&hostname=45.65.114.69.sslip.io&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Home%20%7C%20Sierra%20Club&cms=unknown&publisher=64650cc8f2128c001afed341&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=33624d94-18bb-4843-ad60-86fe8da2133a HTTP 301
• https://l.sharethis.com/sc?event=pview&hostname=45.65.114.69.sslip.io&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Home%20%7C%20Sierra%20Club&cms=unknown&publisher=64650cc8f2128c001afed341&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=33624d94-18bb-4843-ad60-86fe8da2133a&samesite=None

Request Chain 66

• https://13787927.fls.doubleclick.net/activityi;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F45.65.114.69.sslip.io%2F HTTP 302
• https://13787927.fls.doubleclick.net/activityi;dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F45.65.114.69.sslip.io%2F

Request Chain 71

• https://cnv.event.prod.bidr.io/log/cnv?tag_id=1212&buzz_key=dsp&value=&segment_key=dsp-14573&account_id=73&order=[ORDER]&ord=[CACHEBUSTER] HTTP 303
• https://cnv.event.prod.bidr.io/log/cnv?tag_id=1212&buzz_key=dsp&value=&segment_key=dsp-14573&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1

Request Chain 75

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true HTTP 302
• https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1611618%26time%3D1701528410831%26url%3Dhttps%253A%252F%252F45.65.114.69.sslip.io%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true&liSync=true HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQIbk3gvOAr_JAAAAYwq_xxqzPRCScxL3OQ5fFkZWbK8bgKkjspK72ZY-OcOe3KO5hEBCw

Request Chain 86

• https://pixel.sitescout.com/dmp/asyncPixelSync HTTP 302
• https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1

Request Chain 87

• https://pixel.sitescout.com/up/0d405d18ef388eb6?cntr_url=https%3A%2F%2F45.65.114.69.sslip.io%2F HTTP 302
• https://pixel.sitescout.com/up/0d405d18ef388eb6?cookieQ=1&cntr_url=https%3A%2F%2F45.65.114.69.sslip.io%2F

Request Chain 88

• https://dpm.demdex.net/ibs:dpid=82530&dpuuid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=

Request Chain 89

• https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553 HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553

Request Chain 90

• https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= HTTP 302
• https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=&xl8blockcheck=1 HTTP 302
• https://load77.exelator.com/pixel.gif

Request Chain 91

• https://idsync.rlcdn.com/384136.gif?partner_uid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= HTTP 307
• https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyZjI0ZWRhMmItZTIwZS00NzM0LWEyYWMtMjUyMTUyYWMxM2U0LTY1NmI0MzViLTU1NTMQABoNCNyGrasGEgUI6AcQAEIASgA

Request Chain 92

• https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= HTTP 302
• https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=&ct=y

83 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
12 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response 45.65.114.69.sslip.io/	102 KB 29 KB	835ms 550ms	Document text/html	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash d715ffb8654e7f2b92c249711edd799e3c68420d7b28c16e292bca106a64e203 Security Headers Name Value Strict-Transport-Security max-age=0 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control max-age=1800, public content-encoding gzip content-language en content-security-policy-report-only default-src 'self' blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: *.addthis.com *.akamai.net *.convertexperiments.com *.flickr.com https://*.hotjar.com *.google.com *.sierraclub.org *.twitter.com cdn.ampproject.org cdn.hypemarks.com cdn.jsdelivr.net cdn.optimizely.com connect.facebook.net google-analytics.com google.com googletagmanager.com instagram.com js.maxmind.com maps.googleapis.com partner.googleadservices.com pixel.sitescout.com public.tableau.com reddit.com scribd.com snap.licdn.com unpkg.com v1.addthisedge.com widgets.pinterest.com z.moatads.com; object-src 'self'; style-src 'self' 'unsafe-inline' https: *.sierraclub.org cdn.honey.io cdn.jsdelivr.net cdn.knightlab.com cdnjs.cloudflare.com cloud.typography.com https://*.hotjar.com fonts.googleapis.com google.com pro.fontawesome.com; img-src * 'unsafe-inline' blob: data: https:; media-src 'self' data:; frame-src 'self' https: *.addthis.com *.doubleclick.net *.fls.doubleclick.net *.ggusd.us *.google.com https://*.hotjar.com *.optimizely.com *.s3.amazonaws.com *.sierraclub.org *.stpsb.org *.twitter.com block.opendns.com blocked.goguardian.com calendar.google.com cdn.bannersnack.com ckreport.lisd.net clubvolunteer.org facebook.com funnyordie.com gateway.zscalertwo.net global.acs.prismaaccess.com googletagmanager.com instagram.com m.facebook.com maphub.net meetup.com mozbar.moz.com player.vimeo.com public.tableau.com quorum.us rcm-na.amazon-adsystem.com s7.addthis.com spur.maps.arcgis.com static.contextall.com trustpoint-lax.northcentraltrust.com vpn.myips.org web.facebook.com youtube-nocookie.com youtube.com https://driveelectricweek.org/; frame-ancestors 'self' https: blob: sierraclub.org driveelectricweek.org; child-src 'self' https: blob: sierraclub.org driveelectricweek.org; font-src 'self' data: https: *.sierraclub.org at.alicdn.com cdn.honey.io cdn.jsdelivr.net https://*.hotjar.com fonts.gstatic.com pro.fontawesome.com slant.co; connect-src 'self' https: *.doubleclick.net *.google-analytics.com *.google.com https://*.hotjar.com https://*.hotjar.io wss://*.hotjar.com *.optimizely.com *.sierraclub.org cdn.linkedin.oribi.io csp.withgoogle.com facebook.com geoip-js.com google-analytics.com googletagmanager.com logx.optimizely.com maps.googleapis.com sharethis.com secure.geonames.org stats.g.doubleclick.net *.osano.com; report-uri /report-csp-violation; upgrade-insecure-requests content-type text/html; charset=UTF-8 date Sat, 02 Dec 2023 14:46:48 GMT etag "1701493329" expires Sun, 19 Nov 1978 05:00:00 GMT last-modified Sat, 02 Dec 2023 05:02:09 GMT referrer-policy strict-origin-when-cross-origin server nginx/1.24.0 strict-transport-security max-age=0 traceresponse 00-179d0b127cddf8ae5714600286176baf-a9958ed8fd1730ab-01 vary Cookie x-cdn Imperva x-content-type-options nosniff x-debug-info eyJyZXRyaWVzIjowfQ== x-drupal-cache HIT x-drupal-dynamic-cache MISS x-frame-options SAMEORIGIN x-generator Drupal 9 (https://www.drupal.org) x-iinfo 8-72505577-72505578 NNYN CT(104 111 0) RT(1701528407556 14) q(0 0 2 -1) r(2 4) U12 x-platform-cluster gcheo2mr4e7xo-main-bvxea6i x-platform-processor xa54ehs7romxi3jn4x44rs46ze x-platform-router 5wqnwjd7swf5raou5kd6zvzgre x-ua-compatible IE=edge
GET H2	200	google_tag.script.js Show response 45.65.114.69.sslip.io/sites/default/files/google_tag/gt_container/	347 B 839 B	613ms 612ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/google_tag/gt_container/google_tag.script.js?s4wqhv Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 2102e264d505e68e6c91f793a7bd135d82d89fcfba1b1392cd4397727b3db9c6 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:48 GMT content-encoding gzip last-modified Wed, 29 Nov 2023 22:58:53 GMT server nginx/1.24.0 x-cdn Imperva etag W/"6567c22d-15b" content-type application/javascript x-iinfo 8-72505655-72505658 NVNN CT(105 106 0) RT(1701528408206 13) q(0 0 2 -1) r(3 3) cache-control max-age=0 content-length 281
GET H/1.1	403 Forbidden	fonts.css cloud.typography.com/7941436/6171612/css/	0 0	196ms 66ms	Stylesheet text/html	23.73.253.98 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://cloud.typography.com/7941436/6171612/css/fonts.css Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 23.73.253.98 Edison, United States, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-73-253-98.deploy.static.akamaitechnologies.com Software / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers
GET H2	200	css_icfTOfbrQwfK1GWzY73cpsywv8xb6V1tiXo4XpckkGQ.css 45.65.114.69.sslip.io/sites/default/files/css/	15 KB 4 KB	320ms 319ms	Stylesheet text/css	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/css/css_icfTOfbrQwfK1GWzY73cpsywv8xb6V1tiXo4XpckkGQ.css Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 89c7d339f6eb4307cad465b363bddca6ccb0bfcc5be95d6d897a385e97249064 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:48 GMT content-encoding gzip last-modified Tue, 14 Nov 2023 08:01:01 GMT server nginx/1.24.0 x-cdn Imperva etag "6553293d-dad" content-type text/css x-iinfo 4-44607232-0 0CNN RT(1701528408206 16) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 3501
GET H2	200	css_yRBjJWcsX1A0I8eYKMB-AZobJHkdhzesL6W1WCjg6OI.css 45.65.114.69.sslip.io/sites/default/files/css/	927 KB 326 KB	160ms 159ms	Stylesheet text/css	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/css/css_yRBjJWcsX1A0I8eYKMB-AZobJHkdhzesL6W1WCjg6OI.css Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash c9106325672c5f503423c79828c07e019a1b24791d8737ac2fa5b55828e0e8e2 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:48 GMT content-encoding gzip last-modified Tue, 14 Nov 2023 08:02:19 GMT server nginx/1.24.0 x-cdn Imperva etag "6553298b-51489" content-type text/css x-iinfo 4-44607231-0 0CNN RT(1701528408206 11) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 332937
GET H2	200	all.css pro.fontawesome.com/releases/v5.15.2/css/	170 KB 32 KB	284ms 212ms	Stylesheet text/css	2606:4700:4400::6812:2844 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://pro.fontawesome.com/releases/v5.15.2/css/all.css Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2844 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash caf2756a13f8fee24efb8378994a43a44150c14fa06dc7ac372e24226b03c220 Request headers Referer https://45.65.114.69.sslip.io/ Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:48 GMT content-encoding gzip cf-cache-status MISS last-modified Mon, 28 Jun 2021 17:19:52 GMT server cloudflare x-amz-request-id JK4VDDMRFDYSBHV9 etag W/"5d0272dee21aa68865e04f1137c93c8b" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET access-control-allow-origin * content-type text/css cache-control max-age=31556926 cf-ray 82f45c89eaf37434-MIA x-amz-id-2 OSoTnOK4GHzgCV3JV848X6MMXj7v2ytIhlw2mOZRl65m8fEPb4wbrRlm58ox0yPBIdRTLM48l4I=
GET H2	200	logo.svg 45.65.114.69.sslip.io/sites/default/themes/custom/bootpt/	60 KB 17 KB	510ms 510ms	Image image/svg+xml	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/themes/custom/bootpt/logo.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash f00ef01c2cd99faae652c134f268dd75a04ca46873de766b2e3b89afe4d18f39 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Mon, 27 Nov 2023 23:43:28 GMT server nginx/1.24.0 x-cdn Imperva etag W/"656529a0-eef6" content-type image/svg+xml x-iinfo 9-84632472-84632480 NVNN CT(119 108 0) RT(1701528408322 14) q(0 0 2 -1) r(2 3) cache-control max-age=0 content-length 16322
GET H/1.1	200 OK	iStock-1290204324.jpg www.sierraclub.org/sites/default/files/2023-09/	3 MB 3 MB	156ms 88ms	Image image/jpeg	45.60.12.25 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sierraclub.org/sites/default/files/2023-09/iStock-1290204324.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.12.25 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash c441f8bf49d1008483acd585fd4d58d363dd3010377613eaf4d7b130c440d6b2 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Sat, 02 Dec 2023 14:46:48 GMT Last-Modified Mon, 13 Nov 2023 10:05:05 GMT X-CDN Imperva Etag "6551f4d1-29e9a7" Content-Type image/jpeg X-Iinfo 14-202368651-202312948 pVNy RT(1701528408623 31) q(0 0 0 0) r(1 1) Cache-Control max-age=0 x-incap-sess-cookie-hdr +iD5V2gha0fjfROnLu/bE1hDa2UAAAAATrER5QFKCvVnzXAsbaAz8A== Content-Length 2746791
GET H/1.1	200 OK	iStock-1453838553.jpg www.sierraclub.org/sites/default/files/2023-09/	3 MB 3 MB	143ms 90ms	Image image/jpeg	45.60.12.25 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sierraclub.org/sites/default/files/2023-09/iStock-1453838553.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.12.25 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash eaea6f5d6bb94c9c0f53e7a98f104c478f70b0afad7415914bde537c0b010a87 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Sat, 02 Dec 2023 14:46:48 GMT Last-Modified Mon, 13 Nov 2023 10:04:29 GMT X-CDN Imperva Etag "6551f4ad-29c088" Content-Type image/jpeg X-Iinfo 14-202368675-202348584 pVNy RT(1701528408757 27) q(0 0 0 0) r(1 1) Cache-Control max-age=0 x-incap-sess-cookie-hdr ms12SQQWbAPjfROnLu/bE1hDa2UAAAAAIoi+Jz874iVLchMXnXzNxw== Content-Length 2736264
GET H/1.1	200 OK	sierra-club-my-generation.jpg www.sierraclub.org/sites/default/files/2023-10/	367 KB 368 KB	141ms 87ms	Image image/jpeg	45.60.12.25 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sierraclub.org/sites/default/files/2023-10/sierra-club-my-generation.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.12.25 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 54c5ac84218af68e185a57752a6994bfbc9ae8188aae60086684ef1975b0d5a7 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Sat, 02 Dec 2023 14:46:48 GMT Last-Modified Mon, 13 Nov 2023 19:49:06 GMT X-CDN Imperva Etag "65527db2-5bb66" Content-Type image/jpeg X-Iinfo 14-202368676-202365286 pVNy RT(1701528408761 27) q(0 0 0 0) r(1 1) Cache-Control max-age=0 x-incap-sess-cookie-hdr ZQc4NU9KlVHjfROnLu/bE1hDa2UAAAAAdup4rgYzLBFOU/xYLh/WaQ== Content-Length 375654
GET H2	200	get-involved-home-page.jpg 45.65.114.69.sslip.io/sites/default/files/2023-09/	101 KB 102 KB	567ms 562ms	Image image/jpeg	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/files/2023-09/get-involved-home-page.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 0b13f03245d9cd1a9126b752082790ee8b9f14b2dc27737979d0d7404d04e1a5 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT last-modified Mon, 13 Nov 2023 10:09:21 GMT server nginx/1.24.0 x-cdn Imperva etag "6551f5d1-19445" content-type image/jpeg x-iinfo 7-75634901-75634907 NVNN CT(109 113 0) RT(1701528408851 42) q(0 0 3 -1) r(4 4) cache-control max-age=0 content-length 103493
GET H2	200	sc-logo-white.svg 45.65.114.69.sslip.io/sites/default/themes/custom/bootpt/images/logos/	59 KB 16 KB	569ms 566ms	Image image/svg+xml	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/themes/custom/bootpt/images/logos/sc-logo-white.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 6bb26823691a1e2ba4d8cb41787ee88c75959dca1efc5dc8c899897cec84fe61 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Mon, 27 Nov 2023 23:43:28 GMT server nginx/1.24.0 x-cdn Imperva etag W/"656529a0-eb6c" content-type image/svg+xml x-iinfo 14-120304380-120304385 NVNN CT(103 112 0) RT(1701528408851 43) q(0 0 3 -1) r(4 4) cache-control max-age=0 content-length 16062
GET H2	200	js_AqmDmmXtxeaHVu3xcdG2zyaHEnlZalxy9J6xKDJ1uAI.js Show response 45.65.114.69.sslip.io/sites/default/files/js/	118 KB 41 KB	219ms 215ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/js/js_AqmDmmXtxeaHVu3xcdG2zyaHEnlZalxy9J6xKDJ1uAI.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 02a9839a65edc5e68756edf171d1b6cf26871279596a5c72f49eb1283275b802 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Mon, 13 Nov 2023 21:14:24 GMT server nginx/1.24.0 x-cdn Imperva etag "655291b0-a0f7" content-type application/javascript x-iinfo 9-84632577-0 0CNN RT(1701528408851 56) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 41207
GET H2	200	fru_fru_hide_donation_reminder_activity-ff0ebdc1c0691fca1b8a7ee176086821.js Show response 45.65.114.69.sslip.io/sites/default/files/asset_injector/js/	531 B 812 B	507ms 503ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/asset_injector/js/fru_fru_hide_donation_reminder_activity-ff0ebdc1c0691fca1b8a7ee176086821.js?s4wqhv Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 49e6b7747ba87c465ae667f3df33d8632cbd2fa833e9bacf4d38268362a6cb44 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Wed, 29 Nov 2023 22:58:53 GMT server nginx/1.24.0 x-cdn Imperva etag W/"6567c22d-213" content-type application/javascript x-iinfo 1-27805496-27805497 NVNN CT(102 103 0) RT(1701528408851 42) q(0 0 3 -1) r(4 4) cache-control max-age=0 content-length 256
GET H2	200	js_POihhPzKz2EcfIMZMx41YYtwi0iH_S-9uo30TW-ZWVs.js Show response 45.65.114.69.sslip.io/sites/default/files/js/	176 KB 42 KB	202ms 198ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/js/js_POihhPzKz2EcfIMZMx41YYtwi0iH_S-9uo30TW-ZWVs.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 3ce8a184fccacf611c7c8319331e35618b708b4887fd2fbdba8df44d6f99595b Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Mon, 13 Nov 2023 21:13:06 GMT server nginx/1.24.0 x-cdn Imperva etag "65529162-a609" content-type application/javascript x-iinfo 2-32010740-0 0CNN RT(1701528408851 42) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 42505
GET H2	200	sharethis.js Show response platform-api.sharethis.com/js/	205 KB 46 KB	231ms 81ms	Script text/javascript	54.192.51.58 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://platform-api.sharethis.com/js/sharethis.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.192.51.58 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-51-58.yul62.r.cloudfront.net Software / Resource Hash 130c61c2bfc6dff6d70ec2dae4ca8ba7dcf669878d81c91a5821b44b3972c2b6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Frame-Options SAMEORIGIN Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:45:17 GMT content-encoding gzip via 1.1 ae7bbb23871eba9dda7f1abdc6bacfa0.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-amz-cf-pop YUL62-C2 age 92 etag W/"332a8-TLw9AuvfjXyryvfCUMBAgFW/bLw" x-frame-options SAMEORIGIN vary Accept-Encoding content-type text/javascript; charset=utf-8 edge-control cache-maxage=60m,downstream-ttl=60m cache-control max-age=600, public x-cache Hit from cloudfront x-amz-cf-id KzmHbaWAySDG9oCZN_qdzpdpEvOjOVXE6UIqkoPqN2ZiUnBmdDW4Ww==
GET H2	200	js_AZdgME8ke6g5xgPY8xjIPpM5RzDAagXBSjyeqdh9bW8.js Show response 45.65.114.69.sslip.io/sites/default/files/js/	45 KB 11 KB	208ms 205ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/js/js_AZdgME8ke6g5xgPY8xjIPpM5RzDAagXBSjyeqdh9bW8.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 019760304f247ba839c603d8f318c83e93394730c06a05c14a3c9ea9d87d6d6f Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Tue, 14 Nov 2023 05:20:51 GMT server nginx/1.24.0 x-cdn Imperva etag "655303b3-2a9d" content-type application/javascript x-iinfo 7-75634903-0 0CNN RT(1701528408851 46) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 10909
GET H/1.1	200 OK	form-submission_drupal.js Show response static.sierraclub.org/resources/knowwho/js/	11 KB 5 KB	281ms 222ms	Script application/javascript	45.60.12.25 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://static.sierraclub.org/resources/knowwho/js/form-submission_drupal.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.12.25 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash f161d88588e714eb3e5e9424552c5dcfe74fb0196108d61043b0e79ed9e92a02 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Sat, 02 Dec 2023 14:46:49 GMT Strict-Transport-Security max-age=0 Content-Encoding gzip X-CDN Imperva Traceresponse 00-179d0b12c22359734eaa8d65ccd9e105-d3512d1bdee4532d-01 Transfer-Encoding chunked X-Platform-Processor rkz7rqemhuzu4jfgijigepmulm X-Iinfo 14-202368677-202368681 nNYN RT(1701528408765 31) q(0 0 2 1) r(2 2) U9 Last-Modified Fri, 17 Nov 2023 21:47:25 GMT Etag "6557df6d-2b97" Vary Accept-Encoding X-Platform-Cluster gcheo2mr4e7xo-main-bvxea6i Content-Type application/javascript Cache-Control no-cache X-Debug-Info eyJyZXRyaWVzIjowfQ== x-incap-sess-cookie-hdr NUUUPkkuyAH8fROnLu/bE1hDa2UAAAAAZNLpcHkALuRFGyU0Py1W1Q== Accept-Ranges bytes X-Platform-Router 5wqnwjd7swf5raou5kd6zvzgre Expires Sat, 02 Dec 2023 14:46:48 GMT
GET H2	200	js_XBT4TroW-ZbxGpSXt1QmpUY2iIbzf0ov8lcDR9fZ528.js Show response 45.65.114.69.sslip.io/sites/default/files/js/	7 KB 3 KB	229ms 226ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/js/js_XBT4TroW-ZbxGpSXt1QmpUY2iIbzf0ov8lcDR9fZ528.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 5c14f84eba16f996f11a9497b75426a546368886f37f4a2ff2570347d7d9e76f Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Mon, 13 Nov 2023 21:12:23 GMT server nginx/1.24.0 x-cdn Imperva etag "65529137-a90" content-type application/javascript x-iinfo 9-84632578-0 0CNN RT(1701528408851 69) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 2704
GET H2	200	geoip2.js Show response js.maxmind.com/js/apis/geoip2/v2.0/	3 KB 2 KB	110ms 43ms	Script application/javascript	2606:4700:7::a29f:8616 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://js.maxmind.com/js/apis/geoip2/v2.0/geoip2.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:7::a29f:8616 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 637c71a706d26a0d6f41e1a15b6d034443ab446e714541b9ab28ed967f676ea7 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip cf-cache-status HIT last-modified Sat, 02 Dec 2023 14:46:30 GMT server cloudflare age 19 vary Accept-Encoding content-type application/javascript; charset=utf-8 cache-control public, max-age=14400 cf-ray 82f45c8ddb5bdab5-MIA expires Sat, 02 Dec 2023 18:46:49 GMT
GET H2	200	js_d2i5_NLREettwLYGfdv_8OKn6aoH3BmAKTkpfneGXS0.js Show response 45.65.114.69.sslip.io/sites/default/files/js/	33 KB 9 KB	203ms 200ms	Script application/javascript	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/sites/default/files/js/js_d2i5_NLREettwLYGfdv_8OKn6aoH3BmAKTkpfneGXS0.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 7768b9fcd2d111eb6dc0b6067ddbfff0e2a7e9aa07dc19802939297e77865d2d Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding gzip last-modified Mon, 13 Nov 2023 21:17:33 GMT server nginx/1.24.0 x-cdn Imperva etag "6552926d-23cc" content-type application/javascript x-iinfo 7-75634902-0 0CNN RT(1701528408851 44) q(0 -1 -1 -1) r(0 -1) cache-control max-age=0 content-length 9164
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 3 KB	211ms 70ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3922e846a001f4273f015a035d80f01e2e0105a9c360da844f9bde02feb030d2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://45.65.114.69.sslip.io/ Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 02 Dec 2023 14:46:49 GMT content-md5 qYsS+/6KhFr9gNDL8lhOAw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1689 reporting-endpoints x-fb-debug P3dhdeuR8bgVJ38SiSyTlIxlOWUMdlJhcn2ey1GFSLQgrQP59juNylwsvMVogHYgDqIDyO0FnM1W5yXVsWrCjg== x-fb-content-md5 1ed5afa6fb7064800818c54636266705 cross-origin-opener-policy same-origin-allow-popups etag "0d66fde77e0e35cf896008271ee137b0" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-fb-optimizer 0 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sat, 02 Dec 2023 15:02:18 GMT
GET H2	200	ALDUVYMB Show response cdn.fundraiseup.com/widget/	146 KB 49 KB	113ms 49ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.fundraiseup.com/widget/ALDUVYMB Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5b6910912a65e19a298f915bcb237772aae80f2abef24c542f17af116515911 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"3862258226" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTjyId3Pm48THsyTdPQjSxnGWIp33Uv1jcjEswU%2BLl9s5OmbyOwyFj5Kxl%2F3E3tkHACoEtB6egqnKmjRUEVbobpwO6YhLlR0qZGaiL%2FSRqlJlKO5s2zljJzKz8plrSOsCkBnefk%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cf-ray 82f45c8ddba521b5-MIA link <https://static.fundraiseup.com/6c726161b913.elementsApi.js>; rel=preload; as=script, <https://static.fundraiseup.com/embed-data/elements-global/ALDUVYMB.js>; rel=preload; as=script, <https://static.fundraiseup.com/3.ba47a1df75a4.async-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/2.7055e8036e0f.elements-langs-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/0.8c77113e0610.elements-vendors.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout.f9a0d0b49da4da21a25d.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-vendors.7c765e60093d512162d1.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-styles.03c15be0092fda4e3895.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js>; rel=preload; as=script, <https://static.fundraiseup.com/sentry.f22c57a6d1868860f77a.js>; rel=preload; as=script, <https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.5d35a4e41e854dff90df.js>; rel=preload; as=script alt-svc h3=":443"; ma=86400
GET H2	200	redwoods.png 45.65.114.69.sslip.io/sites/default/files/sc_hero_block_uploads/	2 MB 2 MB	504ms 504ms	Image image/png	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/files/sc_hero_block_uploads/redwoods.png Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 202c6e6610fab45f88a10d78f6fde5ff94bac718505677e55d44e5f7ee9f4e44 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT last-modified Mon, 13 Nov 2023 18:30:41 GMT server nginx/1.24.0 x-cdn Imperva etag "65526b51-1c552e" content-type image/png x-iinfo 4-44607276-44607278 NVNN CT(101 106 0) RT(1701528408858 45) q(0 0 2 -1) r(2 3) cache-control max-age=0 content-length 1856814
GET H/1.1	200 OK	puerto-rico-beach-v2.jpg www.sierraclub.org/sites/default/files/2023-10/	175 KB 176 KB	135ms 81ms	Image image/jpeg	45.60.12.25 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.sierraclub.org/sites/default/files/2023-10/puerto-rico-beach-v2.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.60.12.25 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash f45e0c815c68aa33fbb8327de7d51782e55f1c88baa51b0763df4c28b5ba89ff Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Sat, 02 Dec 2023 14:46:48 GMT Last-Modified Mon, 13 Nov 2023 19:47:27 GMT X-CDN Imperva Etag "65527d4f-2bb17" Content-Type image/jpeg X-Iinfo 10-99003952-98796596 pVNy RT(1701528408775 28) q(0 0 0 0) r(0 0) Cache-Control max-age=0 x-incap-sess-cookie-hdr t53JfJ0PFCLjfROnLu/bE1hDa2UAAAAAWDiDeRaQEz4aP/vhK9rwug== Content-Length 178967
GET H2	200	take-action-climate-march.jpg 45.65.114.69.sslip.io/sites/default/files/2023-10/	382 KB 383 KB	658ms 657ms	Image image/jpeg	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/files/2023-10/take-action-climate-march.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash d7674129a43cea296d3c03f670f91ee9cc8a9d534b640d5bed13c60a912a078f Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT last-modified Mon, 13 Nov 2023 19:48:09 GMT server nginx/1.24.0 x-cdn Imperva etag "65527d79-5f78b" content-type image/jpeg x-iinfo 10-94871541-94871548 NVNN CT(114 108 0) RT(1701528408858 50) q(0 0 2 -1) r(3 3) cache-control max-age=0 content-length 391051
GET H2	200	24154_5_JennieMoon-flipped.jpg 45.65.114.69.sslip.io/sites/default/files/2023-09/	222 KB 223 KB	906ms 905ms	Image image/jpeg	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/files/2023-09/24154_5_JennieMoon-flipped.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 291e53946629a7ed3ec0991808faa9def56c8a14e46866f7cbf54a9b37157c69 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT last-modified Mon, 13 Nov 2023 10:06:44 GMT server nginx/1.24.0 x-cdn Imperva etag "6551f534-3799d" content-type image/jpeg x-iinfo 3-37380774-37380776 NVNN CT(103 108 0) RT(1701528408996 16) q(0 0 2 -1) r(2 3) cache-control max-age=0 content-length 227741
GET H2	200	magazine-covers.jpg 45.65.114.69.sslip.io/sites/default/files/2023-10/	284 KB 285 KB	905ms 904ms	Image image/jpeg	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Show image Full URL https://45.65.114.69.sslip.io/sites/default/files/2023-10/magazine-covers.jpg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash 28997886c92f8d97d4258d5478a159406fb723995dc14669252e80e91f8ab46c Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT last-modified Mon, 13 Nov 2023 19:44:10 GMT server nginx/1.24.0 x-cdn Imperva etag "65527c8a-46f3a" content-type image/jpeg x-iinfo 8-72505739-72505740 NVNN CT(105 104 0) RT(1701528408996 11) q(0 0 2 -1) r(3 3) cache-control max-age=0 content-length 290618
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 83a296a7b64812fb2b4d69596dd2706baf74459500df296dec7de7bc79e07dad Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9a369a0a95e2cb5399ab42e0a3aea14630395a777f2377a48c877a9618e024d3 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d1a861351af5131fcd66fd9ffcb24f153dc12bd463eecdc9965f501c3cda937d Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	17 KB 17 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 809811d20ddb682d1dd1f325f9c8dad02f40a43af2fbc7860c85334dc8a067b0 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ecff13d384d78fb4516cdf20bd7a27fd7de782f3ef33bb2efbec27e04e5aae4a Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	16 KB 16 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 69cc84c5d2e97ca7bcaecb8c951576296cda235b8d05666943c23df43909f8a0 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c7e8b8c0e56bf8cf16a2da06aa069f8da56b9f2ca09332b11ecd42a25372934d Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ab5436a3e63056a87f687dc7b8495cabd0e9b931e0996c396ab91fa6d646eead Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ed67fb27cde9671cb5972100ddce791b88a251b7edee85db66c3b72f19a5f429 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0af7638f0dd56bcfab56ededaafa1dd49ec69b7adfdaece899d175accefc2b3 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash cfca9b45a47277c729c1be3f86c3c9e862c878682554cd9130243eb4af3c2f88 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET DATA	200 OK	truncated /	6 KB 6 KB		Font application/x-font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4bc635db98cd9bd785d7383200e8c7c2714ce835253dc863e957c6010338a7b7 Request headers Referer Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Type application/x-font-woff
GET H2	200	6c726161b913.elementsApi.js Show response static.fundraiseup.com/	121 KB 39 KB	50ms 41ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/6c726161b913.elementsApi.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 231007ebcbac4210ace0da2fc2570ad8a504c2f554e340c0c9f08e926751a25d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id C9VACEQ4XX6STV72 age 108107 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 tHowqxt9w9Z0brx7BPmSmu+yyI5YTML4FlW9Xu2mD90ljyiYWYcOIST60PCpCLpXY4/oiCYOFUg= last-modified Fri, 01 Dec 2023 08:27:12 GMT server cloudflare etag W/"50241ee3d31c3b586679c5fff5e1bffd" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ObAvkbMDRnwHhKI6u8mx3PycSJmKztzKCx1Ep8zPeuuvRl5tb23SIJpi8591XIQ%2BO07QC1fp59YdxU9%2F46Jkh%2F483iQw04V7MYVYxdzbhUH3FT7OQ42enXCyV%2FT9Aac91ybyzTi8Z%2Bg%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1821b5-MIA
GET H2	200	ALDUVYMB.js Show response static.fundraiseup.com/embed-data/elements-global/	33 KB 4 KB	47ms 39ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/embed-data/elements-global/ALDUVYMB.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7c94a53970fc85575886b969dd12e7c757c16099496fab367eb0fcd39f04871 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id CATRXH44J67CE7TS age 62747 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 YY93X1aN+Q0Aa0VOCQl5DTRXFXOFrR90X9o+9fP52uz9PPTZl7/P/i1EdMxrLWLkaDF8h4fTC44= last-modified Fri, 01 Dec 2023 21:20:18 GMT server cloudflare etag W/"1b2dae2b1aa204d9c9428aa8304e62c3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTc2QUHQjzAzbYyPOPIsslOnyBhF6bT8k0liD%2By8hmA1HTN8WSfAv8lNc9HvUkBkYm6ywGOLYsId7QB1f3XJ73iT5%2F6oxH6VbYT48VI0bBYB2nO%2F7NXlzwDBeUd4xtlzYFbeSbj7bos%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript cache-control no-cache, no-store cf-ray 82f45c8e3c1521b5-MIA
GET H2	200	3.ba47a1df75a4.async-vendors.js Show response static.fundraiseup.com/	102 KB 37 KB	74ms 66ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/3.ba47a1df75a4.async-vendors.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bc96db5f7e0fd6a968d602f3d6ecc5c4492ef4f4910e11fc9f1f55fab99615f1 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 1YB41N570KV4SDVA age 1388173 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 1dM82JyE/HHct7rTkJZi8/pnIYQjZ3G5ZT6Kc0ojiMP1h7kXUbrOAEphOXN2KSaMxaRSFiNjwcE= last-modified Thu, 16 Nov 2023 12:50:28 GMT server cloudflare etag W/"ed82544cdc979fb43220fca23e4fc1a8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7P0TMOyR9yTGGgV6DpinYyCSDlqQjY6pFBT1txWYgFgDSP8Fz4ku1TOytYT%2FWfiQCSQ2VbTwjCPAkN1k2js%2Fha5XpJ0TX73rM37qUn1fRqjrQCWnTDxHKtdqz5eVXg06%2Frfq1BPIuw%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1321b5-MIA
GET H2	200	2.7055e8036e0f.elements-langs-vendors.js Show response static.fundraiseup.com/	309 KB 56 KB	75ms 67ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/2.7055e8036e0f.elements-langs-vendors.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b3019500f0719f4e779e0892e7b12258380401aa61db45220eaf57bda35bbfe Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 1YB3D683BBCPJXJT age 355131 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 4uMRPS65PI9ZGE2Z0JJK8CQVc4kbUWBMlwDuYhA2ci3FLtdYRJL5Tz08aYalRGdsK2U4psRZe+U= last-modified Thu, 16 Nov 2023 12:50:24 GMT server cloudflare etag W/"1246b314f875d53ff2bd417c6afb991d" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HLDXQegEjDjryQlL6xP5%2FO5tW5cg%2BjCHUdxWYzaGlgG4Y8tgx7nPe1%2FI%2Bo87384%2FIHTN3zng6YrnL%2BdJbvAwyCVpaUssW0LIE3Ih0uqwejXUk5BHxfeic5yR6Nh2ZFeg97D5q1p6QXA%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1421b5-MIA
GET H2	200	0.8c77113e0610.elements-vendors.js Show response static.fundraiseup.com/	69 KB 18 KB	77ms 69ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/0.8c77113e0610.elements-vendors.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 05a76631d715d93b9b391a635fa22bebd90677ea1b7f03fccf4976623602e60e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id EPWP4DBG72QQ9083 age 345161 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 ZBkhewu3At1Ov6Qrh73jqtuhEYAzfgW0oN5g35UDmbdj9aPFj2uawAvLclId1OvJy1ki+xGTjII= last-modified Tue, 28 Nov 2023 14:35:04 GMT server cloudflare etag W/"ec5584c0348f5dcf3ee87742113ae05f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y0OQOVIhDKi8CbU6iI%2BywytYpF9Roh%2BScavpp1A3ZHP4Mv22t532qi%2BsCrBPVHf%2FwLPOfxN3Ec86Icd1bS2eOjcXkEqR%2FjAwBlADqynSQjoQaJkJJxOExXeunRwmqylu7G4htep1dzM%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e6c4921b5-MIA
GET H2	200	checkout.f9a0d0b49da4da21a25d.js Show response static.fundraiseup.com/	417 KB 107 KB	75ms 67ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/checkout.f9a0d0b49da4da21a25d.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 016516cecb70318537a9a6f9b0db9ac0e3fc9a9261779f0e430b901941a01932 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id C9VBV8BYGJBB2RN3 age 108107 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 5uvpwaC7vKnerRQ9K0ytiPk1TRD6nGz0bpqAFODesL22piEur3S+m2wnoCt5KaU2Tp/O7MdGkGw= last-modified Fri, 01 Dec 2023 08:27:18 GMT server cloudflare etag W/"49755c4b4d9ce34211fda8f5f5d23ea2" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBFBylLrvMa7XO9T52IzReCAwdR5zn8Dw4BSNu16NSFlqUGbdiYheB2AESyn0DnoxuAwRlQNjjq16M%2FnF%2FQHMJ7B6Jhz7Q2qNzdU8dpnBqkItUVS65SgugWj6kBffu%2FPB8IF1%2B1iUw0%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1021b5-MIA
GET H2	200	checkout-vendors.7c765e60093d512162d1.js Show response static.fundraiseup.com/	316 KB 101 KB	75ms 67ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/checkout-vendors.7c765e60093d512162d1.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 38f2b13346ed2d0cfef5131bc1d2278c31ca26c486931c21de01ac48e9bbf6a0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Z3EQY4FH5F8ZK6PS age 281230 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 /kSFBp73yT5yPjxXT3eAUM9W1mEkPcAm1MJthXuhoXetX8BJlSIdToXH1IdoklIBkNJ9+wPGOJM= last-modified Wed, 29 Nov 2023 08:22:05 GMT server cloudflare etag W/"25924698ce56a0e0f3c9de06d1b420c7" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5U35FcNWR47rSmdGHKHtGFTkzFuE2P3%2FP6G6jl33jC3qkaiGvifLLL40vcYqDmyStvBn9IZA8DuKBeI2Y4ehwzNPsppJmXMkamgsNG7ihTVcdhsTwSCcVlDCjajfUzTOZDhQLcpLbI%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1921b5-MIA
GET H2	200	checkout-styles.03c15be0092fda4e3895.js Show response static.fundraiseup.com/	105 KB 19 KB	48ms 40ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/checkout-styles.03c15be0092fda4e3895.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cba7a4f47089e5729e3892fe0b482e97ac8a9876c8a9a70813d64dd780bee4e4 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id GX1EVKA6YBR4RXQJ age 1313674 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 YPIYA03KY2+ftfeIHotipcAHtsJr4NI/4MsXDKRB62MxYFTIu2l3wm6LUu6VOmZTehTv870bYQ0= last-modified Fri, 17 Nov 2023 09:35:01 GMT server cloudflare etag W/"79423805a386fef19a79432cf84f0997" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2FOFlKKvKkXmOSxL0JYSHnQ1vkHzW9qjqtoI3L4zbwlFkdEB%2FK7ogky1zeqrjkHnDn1XM6KxrE3H69Bx9hwmzW8TXQS%2BYbVnepUbR69dBOHz6AnnqD7juGZh%2BLYGSgzpj0%2BpmWdLz1M%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1a21b5-MIA
GET H2	200	checkout-sentry-vendor.bbaab79af6ac4ae5c523.js Show response static.fundraiseup.com/	13 KB 5 KB	74ms 66ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/checkout-sentry-vendor.bbaab79af6ac4ae5c523.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46ffa27a716a55780501f5d6711c054bdb1772174f1076dc0e49dee9b00648e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id 09XBDAA3SM2T2818 age 281718 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 fpFrPbrSH4tZWSCdlVCAMexaq5cw62piaYMjldd1N2rsk2ZomnP5fdne57ONJw6sYgngSyTaICc= last-modified Mon, 30 Oct 2023 13:54:53 GMT server cloudflare etag W/"e8cb215ba1bf6e188dcd93c7faa7d814" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZO6IdG4DZTbItugiQ06G7jWb5h8xa6aEqRP57cr7W0Twsqq311vQWoAuHXkVhRdUMnikOBomRnitKtooe3sjZ3ZYAVfnw20aEegcEeSlxV8qNFmLJ4r8tuZwHq7e%2BbRmt64kETxMPeU%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1b21b5-MIA
GET H2	200	sentry.f22c57a6d1868860f77a.js Show response static.fundraiseup.com/	3 KB 2 KB	46ms 39ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/sentry.f22c57a6d1868860f77a.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e814cafcf71b5220738254b6af924aed74906da9f05720512cbcfde3d7035c7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id ZT4B5NADFNE5FF83 age 253260 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 rILB/UkjkrXq9DsGPjbjRvmZjJv8raabxgdU06kEgSRapDkg/E7st4bYll3COHB7y8zXqZ8TnSc= last-modified Tue, 31 Oct 2023 10:15:17 GMT server cloudflare etag W/"40decec014567fcc72c553f1600465c3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i1tOHNvqM3m6sMJya655pElqKNd5E%2BJIKEmq62qgmMoZUzI3xUUsHAK6BPQkhtDLYA5u9cpGWY%2BPGVIkkq5EcxmR3f0iBjoqqVLPrEbWKF9bxeA7LCpoHkGOjRLDrbnc0MqS0iAqlBg%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e3c1c21b5-MIA
GET H2	200	checkout-modal-fiat-flow-factory.5d35a4e41e854dff90df.js Show response static.fundraiseup.com/	125 KB 24 KB	74ms 68ms	Script text/javascript	172.67.72.38 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.fundraiseup.com/checkout-modal-fiat-flow-factory.5d35a4e41e854dff90df.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.72.38 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 037e83f067ca17d72a991d084b59404178a22e067579b5810e3035c9c7f13b75 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Z3EK52E00A74FWFQ age 281230 x-amz-server-side-encryption AES256 alt-svc h3=":443"; ma=86400 x-amz-id-2 HgiXSHn/WNoTg/fi7DcjRy5Pbk2JdKqAYB8V+mCR3FlbDXq3mCgFCMc1SAM6WZv7S4KlnJDNtFE= last-modified Wed, 29 Nov 2023 08:22:04 GMT server cloudflare etag W/"89a2bdf4bf831383e1bffc9f54a4badc" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alfoojG%2F2LaOLNmwMpxH4DtdhYejN3J8l2C8AS2xi7onR2H8iFO%2BDu3nslJYm1VK2YhphDe1RxBs420KgyCmCr%2B5QyY5i%2FJi7c1z13eh4wvP%2B4HhFiKNC3APSXEOGKsbRZRu8QPWOJE%3D"}],"group":"cf-nel","max_age":604800} content-type text/javascript; charset=UTF-8 cache-control max-age=31536000 cf-ray 82f45c8e6c4721b5-MIA
POST H2	200	tb fndrsp.net/	2 B 487 B	156ms 85ms	Ping text/plain	104.21.13.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fndrsp.net/tb Requested by Host: cdn.fundraiseup.com URL: https://cdn.fundraiseup.com/widget/ALDUVYMB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.13.219 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://45.65.114.69.sslip.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8SyOcOA9%2BeaWoIveMrfOR%2BfmnBzoLdfhjXEHc8RgV06s6ra5dOzsPwHXhSDyOZ7L7s36VvjSxRPKSFXxzfdSYQhl0eJwNO8ebdw4tNiIqlnRMnMh226faw6pbsFc"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://45.65.114.69.sslip.io access-control-allow-credentials true cf-ray 82f45c8f0f9f5c70-MIA alt-svc h3=":443"; ma=86400
GET H2	200	64650cc8f2128c001afed341.js Show response buttons-config.sharethis.com/js/	1 KB 972 B	329ms 147ms	Script text/javascript	2600:9000:269f:c600:c:abe:f440:93a1
General Check archive.org Show headers Download Go to Full URL https://buttons-config.sharethis.com/js/64650cc8f2128c001afed341.js Requested by Host: platform-api.sharethis.com URL: https://platform-api.sharethis.com/js/sharethis.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:269f:c600:c:abe:f440:93a1 , United States, ASN (), Reverse DNS Software AmazonS3 / Resource Hash 93075f6a127a5b6038e39d99f36fc43430eb05fb0010515ffeff92e0dcf16056 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:50 GMT content-encoding gzip via 1.1 27b17699925096cc4791dc388c9d01d8.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Sat, 30 Sep 2023 21:02:01 GMT server AmazonS3 x-amz-cf-pop YUL62-P1 etag W/"0fbfcf746c067499b6778ff5bac99b07" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Miss from cloudfront content-type text/javascript cache-control public, max-age=60 x-amz-cf-id PIiivwGrdebKdTomAgKk1m-thLg3j76BR4WROK3LF-41k8x8l4Zl2w==
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	302 KB 87 KB	70ms 69ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=58a5959b3c49b4189a281613689514fd Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash c59718962c846c176a651d606c31bb83b025fc80ec1c02576f562175362b0519 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://45.65.114.69.sslip.io/ Origin https://45.65.114.69.sslip.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sat, 02 Dec 2023 14:46:49 GMT content-md5 tR0Ey60/Q/uTXCf8dLoa2w== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88321 reporting-endpoints x-fb-debug TzWVpdzF3+8CupR8NMj/wVvtzvZoEV4UtpH+aHIKTG/qZbGoX3UBelxqR4YDQRllHY451+NscG8BWdiaBIqjgw== x-fb-content-md5 71450ee66b64197212de227c30883c32 cross-origin-opener-policy same-origin-allow-popups etag "30ebc3ada6268e98d9b0ee5e205950f9" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable x-fb-optimizer 1 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sun, 01 Dec 2024 13:10:18 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	375 KB 109 KB	202ms 85ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/sites/default/files/google_tag/gt_container/google_tag.script.js?s4wqhv Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash d5be5587a20e67c0f7dedb39b3c07b328bdc483b846b3944628e72a61931279b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 111318 x-xss-protection 0 last-modified Sat, 02 Dec 2023 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sat, 02 Dec 2023 14:46:49 GMT
GET H/1.1	200 OK	sc Show response l.sharethis.com/ Redirect Chain https://l.sharethis.com/pview?event=pview&hostname=45.65.114.69.sslip.io&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&source=platform&fcmp=false&fcmpv2=false... https://l.sharethis.com/sc?event=pview&hostname=45.65.114.69.sslip.io&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&source=platform&fcmp=false&fcmpv2=false&ha...	177 B 704 B	63ms 62ms	XHR text/plain	3.132.60.230 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.sharethis.com/sc?event=pview&hostname=45.65.114.69.sslip.io&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Home%20%7C%20Sierra%20Club&cms=unknown&publisher=64650cc8f2128c001afed341&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=33624d94-18bb-4843-ad60-86fe8da2133a&samesite=None Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Server 3.132.60.230 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-132-60-230.us-east-2.compute.amazonaws.com Software / Resource Hash 7068b129732394e87486118064d82423951163e33e20c03a5e365831a8c58051 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Date Sat, 02 Dec 2023 14:46:50 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://45.65.114.69.sslip.io Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Stid ZHgAA2VrQ1kAAAAJEnHhAw== Access-Control-Allow-Headers * Content-Length 177 X-Robots-Tag noindex, nofollow Redirect headers Date Sat, 02 Dec 2023 14:46:49 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Access-Control-Max-Age 1728000 Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin https://45.65.114.69.sslip.io Location /sc?event=pview&hostname=45.65.114.69.sslip.io&location=%2F&product=sticky-share-buttons&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&source=platform&fcmp=false&fcmpv2=false&has_segmentio=false&title=Home%20%7C%20Sierra%20Club&cms=unknown&publisher=64650cc8f2128c001afed341&sop=true&version=st_sop.js&lang=en&ua=&ua_mobile=false&ua_full_version_list=&uuid=33624d94-18bb-4843-ad60-86fe8da2133a&samesite=None Access-Control-Expose-Headers stid Cache-Control no-cache, no-store, must-revalidate Access-Control-Allow-Credentials true Connection keep-alive Stid ZHgAA2VrQ1kAAAAJEnHhAw== Access-Control-Allow-Headers * Content-Length 515 X-Robots-Tag noindex, nofollow
GET H2	401	me Show response geoip-js.com/geoip/v2.0/city/	186 B 388 B	131ms 67ms	XHR application/vnd.maxmind.com-error+json	2606:4700:4400::6812:216e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geoip-js.com/geoip/v2.0/city/me?referrer=https%3A%2F%2F45.65.114.69.sslip.io Requested by Host: js.maxmind.com URL: https://js.maxmind.com/js/apis/geoip2/v2.0/geoip2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:216e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 420cb1127cfdefa2bb7e1b9cf7edb91cd515c5136904ff1d4e13495b7437cf2f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:49 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC server cloudflare content-type application/vnd.maxmind.com-error+json; charset=UTF-8; version=2.0 access-control-allow-origin * cf-ray 82f45c919d7725a1-MIA content-length 186
POST H2	200	statistics.php Show response 45.65.114.69.sslip.io/core/modules/statistics/	0 740 B	511ms 510ms	XHR text/html	45.65.114.69 AARONSMITH-AS
General Check archive.org Show headers Download Go to Full URL https://45.65.114.69.sslip.io/core/modules/statistics/statistics.php Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/sites/default/files/js/js_AqmDmmXtxeaHVu3xcdG2zyaHEnlZalxy9J6xKDJ1uAI.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 45.65.114.69 , Hong Kong, ASN203758 (AARONSMITH-AS, GB), Reverse DNS Software nginx/1.24.0 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers Accept */* Referer https://45.65.114.69.sslip.io/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Sat, 02 Dec 2023 14:46:50 GMT strict-transport-security max-age=0 server nginx/1.24.0 x-cdn Imperva traceresponse 00-179d0b12ed35e3eb3f772d5b2815e232-ec991cb4c3d5af43-01 x-platform-cluster gcheo2mr4e7xo-main-bvxea6i content-type text/html; charset=UTF-8 x-platform-processor xa54ehs7romxi3jn4x44rs46ze x-iinfo 7-75635015-75635020 NNNN CT(102 114 0) RT(1701528409444 9) q(0 0 2 -1) r(4 4) U6 x-debug-info eyJyZXRyaWVzIjowfQ== x-incap-sess-cookie-hdr nUPUFJSYqRkqLMfeNbJ/AVlDa2UAAAAAp0xRyULh2icsGZmnvUv1Tw== content-length 0 x-platform-router 5wqnwjd7swf5raou5kd6zvzgre
GET H2	200	facebook-white.svg platform-cdn.sharethis.com/img/	357 B 788 B	746ms 71ms	Image image/svg+xml	2600:9000:21a2:3400:1d:85c3:6640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/facebook-white.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:3400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 06 Nov 2023 17:40:04 GMT via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 10 Oct 2019 01:20:12 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 age 2236006 etag "d2c2caf5b123988ddd17ceeb1c7d9d50" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes content-length 357 x-amz-cf-id RgK_1JN5mAOGeeMa4ASy8sPnFWBZtG6oeBSA-8ql9c9HWAc-XpnwBQ==
GET H2	200	twitter-white.svg platform-cdn.sharethis.com/img/	641 B 1 KB	744ms 70ms	Image image/svg+xml	2600:9000:21a2:3400:1d:85c3:6640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/twitter-white.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:3400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4842f835de39abaa449973e6beb13260b52d1bace5843d2246369fc3e4e8034d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:45:59 GMT via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 15 Sep 2023 16:35:45 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 age 52 x-amz-server-side-encryption AES256 etag "232c36e0e377e32fbb20a34ff902fe55" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml accept-ranges bytes content-length 641 x-amz-cf-id Rp6U9sFJu_bzoWHjsmkF_dYui1wX3ecQlHfgYK6aKGJu4eLNHJ4ETg==
GET H2	200	sharethis-white.svg platform-cdn.sharethis.com/img/	625 B 1 KB	747ms 73ms	Image image/svg+xml	2600:9000:21a2:3400:1d:85c3:6640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/sharethis-white.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:3400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a5e92663d140c2742136bd09372e2d37c070b09e3de4cd3bf16dabce17cd02d8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 06 Nov 2023 17:40:05 GMT via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 10 Oct 2019 01:20:13 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 age 2236006 etag "2506159844f1711ede2746e62df1370a" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes content-length 625 x-amz-cf-id zZ5Wdw6lO7H1ZkMbdlT_CBeb-f1nTraszNmR0i7jNgrW9LOhg1dHrg==
GET H2	200	print-white.svg platform-cdn.sharethis.com/img/	470 B 903 B	746ms 72ms	Image image/svg+xml	2600:9000:21a2:3400:1d:85c3:6640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/print-white.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:3400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6bee0fe016e8b8fc9417fad7a1b7f049266327ad2a42fcc2dc5514071f93050c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 06 Nov 2023 17:26:56 GMT via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 10 Oct 2019 01:20:13 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 age 2236794 etag "b2d996dcf7300660dec6683cdb31a871" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes content-length 470 x-amz-cf-id RjcfhubO3XkBpJ8VtWkCTE-xbYCKe9Sq-lf7OrO85ekiMREiwAfV3g==
GET H2	200	arrow_left.svg platform-cdn.sharethis.com/img/	565 B 997 B	745ms 73ms	Image image/svg+xml	2600:9000:21a2:3400:1d:85c3:6640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/arrow_left.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:3400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 5c833b1818762f1e134fbb158447fb0b92f2b018b15aa36f2e2405213f830d38 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 06 Nov 2023 17:39:46 GMT via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 10 Oct 2019 01:20:12 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 age 2236025 etag "b55d8d2b9321e381a3c38a4bddb74037" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes content-length 565 x-amz-cf-id beafBf8-Od6y4mgWauyMc8JBulIKTOgT3Slfohg6U4abxei0u8892w==
GET H2	200	arrow_right.svg platform-cdn.sharethis.com/img/	565 B 1000 B	747ms 74ms	Image image/svg+xml	2600:9000:21a2:3400:1d:85c3:6640:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://platform-cdn.sharethis.com/img/arrow_right.svg Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:3400:1d:85c3:6640:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 1bae747c7fd090f56608956a97c870391e1c43f89d24d5766129b75628985c1e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Mon, 06 Nov 2023 17:39:46 GMT via 1.1 12fcb6e1bd9ccc1cb02eb21308b59e46.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains last-modified Thu, 10 Oct 2019 01:20:12 GMT server AmazonS3 x-amz-cf-pop YUL62-C1 age 2236025 etag "9928d025bd5792b718ee0a185f62e67c" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control public, max-age=2592000 accept-ranges bytes content-length 565 x-amz-cf-id xDOySOELmWuSSU8NcC6FjwupM35Z2ESDF4dTROC1PjsykDtyLzpCdw==
GET H2	200	js Show response www.googletagmanager.com/gtag/	279 KB 92 KB	66ms 65ms	Script application/javascript	2607:f8b0:4004:c08::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-41DQ5KQCWV&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7841b5351b40719d3f8c21164da5597d90a4e6b77483057fead54d292082bbaf Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:50 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93971 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sat, 02 Dec 2023 14:46:50 GMT
GET H2	200	osano.js Show response cmp.osano.com/16CaL8TrGwXm8PqWe/b4367dd9-eece-4295-b559-8080314c589a/	142 KB 40 KB	924ms 323ms	Script application/javascript	2600:9000:21a2:fa00:3:b7e:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/16CaL8TrGwXm8PqWe/b4367dd9-eece-4295-b559-8080314c589a/osano.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:fa00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software CloudFront / Resource Hash 53780f5d6558edb002605ccf6847d2c1c80aebe13c091c9b4b81b71891821382 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:51 GMT content-encoding br via 1.1 56afed1ff867622bc96040c761f69a64.cloudfront.net (CloudFront) strict-transport-security max-age=63072000; includeSubDomains; preload x-content-type-options nosniff x-amz-cf-pop YUL62-C1 x-cache Miss from cloudfront cross-origin-resource-policy cross-origin content-length 40093 x-xss-protection 1; mode=block referrer-policy strict-origin-when-cross-origin last-modified Fri, 03 Nov 2023 19:52:21 GMT server CloudFront etag "bc4322368a171256f85202c71f09b940" x-frame-options SAMEORIGIN vary Origin content-type application/javascript; charset=utf-8 cache-control public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform x-amz-cf-id DWIYqNcxuQ8BUhlxbi8OKT7qPxg8SkA1Ymofopk1djfsruegKKVv_Q==
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	31 KB 12 KB	657ms 54ms	Script application/javascript	2600:1408:c400:2b::17de:4d9 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:1408:c400:2b::17de:4d9 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 15838004d5e196b563a00a0ba16ce432fed6deb3dd4fab7122601f2c4f41560a Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:50 GMT content-encoding gzip x-content-type-options nosniff last-modified Wed, 29 Nov 2023 10:04:20 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=43605 accept-ranges bytes content-length 12150
GET H2	200	activityi;dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;u... Show response 13787927.fls.doubleclick.net/ Frame 5A10 Redirect Chain https://13787927.fls.doubleclick.net/activityi;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam... https://13787927.fls.doubleclick.net/activityi;dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1...	570 B 486 B	76ms 74ms	Document text/html	142.251.163.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://13787927.fls.doubleclick.net/activityi;dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F45.65.114.69.sslip.io%2F? Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.163.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS wv-in-f149.1e100.net Software cafe / Resource Hash 499249fabc2ece1788606ced3db10b7cbaf894696418f1deb8e3d6fe0e7cf548 Security Headers Name Value Strict-Transport-Security max-age=21600 X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://45.65.114.69.sslip.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-encoding br content-length 311 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 02 Dec 2023 14:46:50 GMT expires Fri, 01 Jan 1990 00:00:00 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control no-cache, must-revalidate content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 02 Dec 2023 14:46:50 GMT expires Fri, 01 Jan 1990 00:00:00 GMT follow-only-when-prerender-shown 1 location https://13787927.fls.doubleclick.net/activityi;dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F45.65.114.69.sslip.io%2F? p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" pragma no-cache server cafe strict-transport-security max-age=21600 timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	202 KB 53 KB	139ms 69ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 02 Dec 2023 14:46:50 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 54273 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug 51+2CJt58qTMn10RvL42wZxeN8SpIyZIoUqgjHymT8vXzv+liH3fCFTCVsWkUAhuh4vxJifBLZgtfLydpczotA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-152373.js Show response static.hotjar.com/c/	12 KB 5 KB	677ms 86ms	Script application/javascript	3.162.3.77 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-152373.js?sv=5 Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.77 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-77.yul62.r.cloudfront.net Software / Resource Hash c987224ef6abbf9d4cc161fb775891dc1ea5e07b3c9318d412e74bc46aaa7e65 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Sat, 02 Dec 2023 14:46:50 GMT via 1.1 b00903dd6c0e35a04eab89fc03a8023e.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 age 16 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin etag W/cf3dea011774cfa211aa2e19df3f77c2 vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 x-amz-cf-id trg9r9GwzZw4ttrHpAgYkdvS_rRkO2zzSwIxbi6XgZtCXKyKH4jaSw==
GET H2	200	up.js Show response up.pixel.ad/assets/	3 KB 2 KB	635ms 52ms	Script application/javascript	69.28.187.147 LLNW
General Check archive.org Show headers Download Go to Full URL https://up.pixel.ad/assets/up.js?um=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 69.28.187.147 New York, United States, ASN22822 (LLNW, US), Reverse DNS https-69-28-187-147.iad.llnw.net Software AC1.1 / Resource Hash 25b33a7a853f39e447b14be3e6662ccbb0fbce73620bf7778d194cb3fef1d3ab Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:50 GMT content-encoding gzip last-modified Wed, 16 Mar 2022 16:22:21 GMT server AC1.1 age 582612 vary accept-encoding content-type application/javascript accept-ranges bytes content-length 1550 x-llid c0bf73bd4823c00b5493fbf7d1ca7140
GET H2	200	adelphic_universal_pixel.js Show response js.ipredictive.com/	2 KB 2 KB	561ms 55ms	Script application/javascript	13.32.151.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.ipredictive.com/adelphic_universal_pixel.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P6QS96 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.151.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-151-57.iad66.r.cloudfront.net Software AmazonS3 / Resource Hash aa4f6cfbf87befc125843523e2dfe029009376cb8f5d590cffbc1bb267dd69ce Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:36:51 GMT via 1.1 6bcd5dba28bbc19dcd3f4c10e978e8ee.cloudfront.net (CloudFront) last-modified Fri, 30 Sep 2022 15:42:59 GMT server AmazonS3 x-amz-cf-pop IAD66-C2 age 600 etag "83b469155694c51d4c5581028a6788bc" x-cache Hit from cloudfront content-type application/javascript accept-ranges bytes content-length 2108 x-amz-cf-id cEwuXR2h9-ZUty_JmlqjhXrMCZd5jAGcOu6YtKeZBW73Wl7HEfh8_w==
GET H/1.1	200 OK	cnv cnv.event.prod.bidr.io/log/ Redirect Chain https://cnv.event.prod.bidr.io/log/cnv?tag_id=1212&buzz_key=dsp&value=&segment_key=dsp-14573&account_id=73&order=[ORDER]&ord=[CACHEBUSTER] https://cnv.event.prod.bidr.io/log/cnv?tag_id=1212&buzz_key=dsp&value=&segment_key=dsp-14573&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1	43 B 796 B	53ms 53ms	Image image/gif	54.145.69.98 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://cnv.event.prod.bidr.io/log/cnv?tag_id=1212&buzz_key=dsp&value=&segment_key=dsp-14573&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1 Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol HTTP/1.1 Server 54.145.69.98 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-145-69-98.compute-1.amazonaws.com Software gunicorn / Resource Hash dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache Date Sat, 02 Dec 2023 14:46:50 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn content-type image/gif p3p CP="This is not a P3P policy! See https://beeswax.com/privacy for more info." cache-control no-cache, must-revalidate Connection keep-alive Content-Length 43 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cnv.event.prod.bidr.io/log/cnv?tag_id=1212&buzz_key=dsp&value=&segment_key=dsp-14573&account_id=73&order=%5BORDER%5D&ord=%5BCACHEBUSTER%5D&_bee_ppp=1 Date Sat, 02 Dec 2023 14:46:50 GMT strict-transport-security max-age=2592000; includeSubDomains Server gunicorn Connection keep-alive Content-Length 0
POST H2	200	tb fndrsp.net/	2 B 285 B	79ms 79ms	Ping text/plain	104.21.13.219 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://fndrsp.net/tb Requested by Host: cdn.fundraiseup.com URL: https://cdn.fundraiseup.com/widget/ALDUVYMB Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.13.219 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://45.65.114.69.sslip.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 02 Dec 2023 14:46:50 GMT strict-transport-security max-age=31536000; includeSubDomains; preload cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Origin report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wZQ2Qfvf8AVJmL6WBP3iF69WC7tWdAZ6AgO%2FEjlZoms5BvKnZsNmkDcLKFJLew%2F5Dt3112FfFTTF8wUOWEQOAr03cS%2Be7Td8QksqBElqkA67gh1Inj%2Fupp92vASS"}],"group":"cf-nel","max_age":604800} access-control-allow-origin https://45.65.114.69.sslip.io access-control-allow-credentials true cf-ray 82f45c94d9665c70-MIA alt-svc h3=":443"; ma=86400
GET H3	200	1456954507875619 Show response connect.facebook.net/signals/config/	142 KB 37 KB	171ms 171ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1456954507875619?v=2.9.138&r=stable&domain=45.65.114.69.sslip.io Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash b3e792f2ce7263ebfd2dd1c5149787022f08b19d1e6e2b0b4898e02d80615b78 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 02 Dec 2023 14:46:50 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug DsUrHtnZpOgg33+JKcYl3etIWWFLqvgkeHeaONFktqEK1XtfO4AbJhX77nkV/ZJC0fgZ/rXxF7lsVBk3YP8zHA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect www.google-analytics.com/g/	0 249 B	175ms 64ms	Ping text/plain	2607:f8b0:4004:c09::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-41DQ5KQCWV&gtm=45je3bt0v877340680z86617846&_p=1701528409746&gcd=11l1l1l1l1&dma=0&cid=287829918.1701528411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701528410&sct=1&seg=0&dl=https%3A%2F%2F45.65.114.69.sslip.io%2F&dt=Home%20%7C%20Sierra%20Club&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3235 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-41DQ5KQCWV&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Sat, 02 Dec 2023 14:46:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://45.65.114.69.sslip.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1611618%26time%3D1701528410831%26url%3Dhttps%253A%252F%252F45.65.114.69.sslip.io%... https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true&liSync=true https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQIbk3gvOAr_JAAAAYwq_xxqzPRCScxL3OQ5fFk...	0 489 B	181ms 122ms	Image application/javascript	13.107.42.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQIbk3gvOAr_JAAAAYwq_xxqzPRCScxL3OQ5fFkZWbK8bgKkjspK72ZY-OcOe3KO5hEBCw Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Server 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 3EDDEB1ED7BF424B9C0ADB368349F257 Ref B: MIAEDGE2014 Ref C: 2023-12-02T14:46:51Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYLh/SJBhZ9a6FvEn5tMA== Redirect headers date Sat, 02 Dec 2023 14:46:50 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: BC822A5DE4C947C9807283B7AD40BECE Ref B: MIAEDGE2918 Ref C: 2023-12-02T14:46:51Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=1611618&time=1701528410831&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&cookiesTest=true&liSync=true&e_ipv6=AQIbk3gvOAr_JAAAAYwq_xxqzPRCScxL3OQ5fFkZWbK8bgKkjspK72ZY-OcOe3KO5hEBCw x-li-proto http/2 content-length 0 x-li-uuid AAYLh/SG5hD5ChVR+DhKlQ==
GET H2	200	modules.28e3191d8757c557b4b7.js Show response script.hotjar.com/	227 KB 57 KB	230ms 80ms	Script application/javascript	3.162.3.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.28e3191d8757c557b4b7.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-152373.js?sv=5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.162.3.117 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-3-162-3-117.yul62.r.cloudfront.net Software / Resource Hash 77a17bd55486aef26d2fbbe92b56672398378b1ad7ba7975c79742b4772d52b1 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Thu, 23 Nov 2023 14:01:06 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 726979f71f252186e97d38202269f636.cloudfront.net (CloudFront) x-amz-cf-pop YUL62-P2 age 780345 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 57395 last-modified Thu, 23 Nov 2023 14:00:23 GMT etag "1ab24a53e715dcb189ab626bacc0e88b" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id HVnxv-4w-RLR3S4deYZfYJ4spfH9OrWAbvNJScMXmpIss4kg0xWGWQ==
GET H3	200	180535206388660 Show response connect.facebook.net/signals/config/	140 KB 36 KB	159ms 159ms	Script application/x-javascript	2a03:2880:f07d:0:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/180535206388660?v=2.9.138&r=stable&domain=45.65.114.69.sslip.io Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f07d:0:face:b00c:0:3 Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 6a2b497caa798fa7410ba8da9952beed6f813a32de5bbc885a403a7dff141e2b Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers permissions-policy-report-only autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=() content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Sat, 02 Dec 2023 14:46:51 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints pragma public x-fb-debug FAjSHQAzkLMzGptS9ZGceyAj7lW6L1e+ndqV1m3WvxjBfhd8q6hXk4CYqASyVYH4YlUkjcwMLidGDtWHKnEwaA== cross-origin-opener-policy same-origin-allow-popups vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.facebook.com/tr/	0 185 B	207ms 68ms	Image text/plain	2a03:2880:f171:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1456954507875619&ev=PageView&dl=https%3A%2F%2F45.65.114.69.sslip.io%2F&rl=&if=false&ts=1701528410982&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701528410979.789242916&cs_est=true&ler=empty&it=1701528410782&coo=false&rqm=GET Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 02 Dec 2023 14:46:51 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;... Show response adservice.google.com/ddm/fls/i/ Frame 7B42	194 B 440 B	197ms 84ms	Document text/html	2607:f8b0:4004:c08::9b GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/ddm/fls/i/dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F45.65.114.69.sslip.io%2F Requested by Host: 13787927.fls.doubleclick.net URL: https://13787927.fls.doubleclick.net/activityi;dc_pre=CMz1h6T_8IIDFXeg0QQdfy4AdA;src=13787927;type=pagev0;cat=pagev0;ord=4669547972494;auiddc=20129719.1701528410;gtm=45He3bt0v6617846;gcd=11l1l1l1l1;dma=0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2F45.65.114.69.sslip.io%2F? Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c08::9b Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://13787927.fls.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=0 content-encoding br content-length 85 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 02 Dec 2023 14:46:51 GMT expires Sat, 02 Dec 2023 14:46:51 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET		/ cmp.osano.com/ Frame A2F0	0 0
GET H2	200	/ Show response cmp.osano.com/ Frame A2F0	4 KB 1 KB	69ms 69ms	Document text/html	2600:9000:21a2:fa00:3:b7e:8940:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cmp.osano.com/ Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CaL8TrGwXm8PqWe/b4367dd9-eece-4295-b559-8080314c589a/osano.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:21a2:fa00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://45.65.114.69.sslip.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers age 54913 content-encoding br content-type text/html date Fri, 01 Dec 2023 23:31:39 GMT etag W/"287b497c992487af362d33204f87d28f" last-modified Thu, 21 Oct 2021 22:01:08 GMT referrer-policy strict-origin-when-cross-origin server AmazonS3 strict-transport-security max-age=63072000; includeSubDomains; preload vary Accept-Encoding Origin via 1.1 56afed1ff867622bc96040c761f69a64.cloudfront.net (CloudFront) x-amz-cf-id rhTZyF48EEMtneOYuIT4yH1vUmLDh1KlPGiGOkNO5dFMnABMAkpwzA== x-amz-cf-pop YUL62-C1 x-amz-version-id xT1PkIFehetvNf5lINcU02FbT3u47kBr x-cache Hit from cloudfront x-content-type-options nosniff x-xss-protection 1; mode=block
GET BLOB	200 OK	0d8f0057-01dd-4cd7-8f89-12c49959ab2e https://45.65.114.69.sslip.io/	390 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://45.65.114.69.sslip.io/0d8f0057-01dd-4cd7-8f89-12c49959ab2e Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers Content-Length 390 Content-Type text/javascript
GET H2	200	/ www.facebook.com/tr/	0 31 B	68ms 67ms	Image text/plain	2a03:2880:f171:81:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=180535206388660&ev=PageView&dl=https%3A%2F%2F45.65.114.69.sslip.io%2F&rl=&if=false&ts=1701528411227&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1701528410979.789242916&cs_est=true&ler=empty&it=1701528410782&coo=false&rqm=GET Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f171:81:face:b00c:0:25de Apodaca, Mexico, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains date Sat, 02 Dec 2023 14:46:51 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H/1.1	200 OK	event Show response ad.ipredictive.com/d/track/ Frame 2A00	0 327 B	215ms 52ms	Document text/plain	52.3.199.180 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://ad.ipredictive.com/d/track/event?upid=108332&cache_buster=1701528411&url=https%3A%2F%2F45.65.114.69.sslip.io%2F&p1=undefined&val=0&tn=undefined&p2=gtm.js Requested by Host: cmp.osano.com URL: https://cmp.osano.com/16CaL8TrGwXm8PqWe/b4367dd9-eece-4295-b559-8080314c589a/osano.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.3.199.180 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-3-199-180.compute-1.amazonaws.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://45.65.114.69.sslip.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Length 0 Date Sat, 02 Dec 2023 14:46:51 GMT X-CI-RTID dc0ca70a-dc1b-492d-a35d-5e63a39c7a7e
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 200 B	72ms 72ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: snap.licdn.com URL: https://snap.licdn.com/li.lms-analytics/insight.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept * Referer https://45.65.114.69.sslip.io/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Sat, 02 Dec 2023 14:46:51 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: FCA9747B59084EE9A17047C64AD9AB31 Ref B: MIAEDGE2918 Ref C: 2023-12-02T14:46:51Z linkedin-action 1 vary Origin x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 access-control-allow-origin https://45.65.114.69.sslip.io x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYLh/SK+NDrKJs9XRN6Gg==
GET H2	200	asyncPixelSync Show response pixel.sitescout.com/dmp/ Frame 0DA2 Redirect Chain https://pixel.sitescout.com/dmp/asyncPixelSync https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1	1 KB 2 KB	55ms 55ms	Document text/html	207.198.113.205 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1 Requested by Host: 45.65.114.69.sslip.io URL: https://45.65.114.69.sslip.io/ Protocol H2 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 207.198.113.205 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software A / Resource Hash f03350b8b065b71bbd237e7a00daf81ae9d368c6382c19a19277c2dfcc5d510f Request headers Referer https://45.65.114.69.sslip.io/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control max-age=0,no-cache,no-store content-length 1174 content-type text/html;charset=UTF-8 date Sat, 02 Dec 2023 14:46:51 GMT expires Tue, 11 Oct 1977 12:34:56 GMT p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" pragma no-cache server A Redirect headers content-length 0 date Sat, 02 Dec 2023 14:46:51 GMT location https://pixel.sitescout.com/dmp/asyncPixelSync?cookieQ=1 server A
GET H2	200	0d405d18ef388eb6 pixel.sitescout.com/up/ Redirect Chain https://pixel.sitescout.com/up/0d405d18ef388eb6?cntr_url=https%3A%2F%2F45.65.114.69.sslip.io%2F https://pixel.sitescout.com/up/0d405d18ef388eb6?cookieQ=1&cntr_url=https%3A%2F%2F45.65.114.69.sslip.io%2F	43 B 417 B	56ms 56ms	Image image/gif	207.198.113.205 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.sitescout.com/up/0d405d18ef388eb6?cookieQ=1&cntr_url=https%3A%2F%2F45.65.114.69.sslip.io%2F Protocol H2 Server 207.198.113.205 Herndon, United States, ASN13768 (COGECO-PEER1, CA), Reverse DNS Software AC1.1 / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Sat, 02 Dec 2023 14:46:51 GMT server AC1.1 content-type image/gif p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" cache-control max-age=0,no-cache,no-store content-length 43 expires Tue, 11 Oct 1977 12:34:56 GMT Redirect headers location https://pixel.sitescout.com/up/0d405d18ef388eb6?cookieQ=1&cntr_url=https%3A%2F%2F45.65.114.69.sslip.io%2F date Sat, 02 Dec 2023 14:46:51 GMT server AC1.1 content-length 0
GET H2	200	demconf.jpg dpm.demdex.net/ Frame 0DA2 Redirect Chain https://dpm.demdex.net/ibs:dpid=82530&dpuuid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=	42 B 716 B	55ms 54ms	Image image/gif	52.0.234.123 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= Protocol H2 Server 52.0.234.123 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-0-234-123.compute-1.amazonaws.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers dcs dcs-prod-va6-1-v053-0b811dbb5.edge-va6.demdex.com 2 ms pragma no-cache date Sat, 02 Dec 2023 14:46:52 GMT strict-transport-security max-age=31536000; includeSubDomains x-content-type-options nosniff content-encoding gzip x-tid mLjhZi1ORss= content-type image/gif p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 59 expires Thu, 01 Jan 1970 00:00:00 UTC Redirect headers dcs dcs-prod-va6-2-v053-0da4f5eed.edge-va6.demdex.com 0 ms pragma no-cache date Sat, 02 Dec 2023 14:46:52 GMT strict-transport-security max-age=31536000; includeSubDomains x-tid PWUk4KaKQJU= p3p policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" location https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=82530&dpuuid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= cache-control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private content-length 0 expires Thu, 01 Jan 1970 00:00:00 UTC
GET H2	200	check pixel.tapad.com/idsync/ex/receive/ Frame 0DA2 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=2499&partner_device_id=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553 https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553	95 B 428 B	56ms 56ms	Image image/png	34.111.113.62 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553 Protocol H2 Server 34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 62.113.111.34.bc.googleusercontent.com Software Jetty(11.0.13) / Resource Hash 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers accept-language en-US,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:52 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) content-type image/png access-control-allow-origin * p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 95 Redirect headers date Sat, 02 Dec 2023 14:46:52 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server Jetty(11.0.13) p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2499&partner_device_id=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	pixel.gif load77.exelator.com/ Frame 0DA2 Redirect Chain https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= https://loadm.exelator.com/load/?p=204&g=700&j=0&buid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=&xl8blockcheck=1 https://load77.exelator.com/pixel.gif	43 B 384 B	181ms 55ms	Image image/gif	2a02:6ea0:e200::2 CDN77 ^_^
General Check archive.org Show headers Download Go to Show image Full URL https://load77.exelator.com/pixel.gif Protocol H2 Server 2a02:6ea0:e200::2 Ashburn, United States, ASN60068 (CDN77 ^_^, GB), Reverse DNS Software CDN77-Turbo / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Request headers accept-language en-US,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers x-77-pop ashburnUSVA date Sat, 02 Dec 2023 14:46:52 GMT x-age-lb 719517 x-77-cache HIT x-accel-date 1700808895 content-length 43 x-77-nzt EQwBJRPOBAH3nfoKAA x-accel-expires @1701845695 x-77-age 719517 x-cache-lb HIT last-modified Wed, 25 Oct 2017 17:03:56 GMT server CDN77-Turbo etag "59f0c3fc-2b" x-77-nzt-ray 8e305f1c889d024a5c436b65d5d76b21 content-type image/gif access-control-allow-origin * accept-ranges bytes Redirect headers date Sat, 02 Dec 2023 14:46:52 GMT server nginx x-powered-by Undertow/1 p3p policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA location https://load77.exelator.com/pixel.gif content-type image/gif cache-control no-cache access-control-allow-credentials true content-length 0
GET H2	200	1000.gif idsync.rlcdn.com/ Frame 0DA2 Redirect Chain https://idsync.rlcdn.com/384136.gif?partner_uid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyZjI0ZWRhMmItZTIwZS00NzM0LWEyYWMtMjUyMTUyYWMxM2U0LTY1NmI0MzViLTU1NTMQABoNCNyGrasGEgUI6AcQAEIASgA	42 B 310 B	65ms 65ms	Image image/gif	35.244.154.8 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyZjI0ZWRhMmItZTIwZS00NzM0LWEyYWMtMjUyMTUyYWMxM2U0LTY1NmI0MzViLTU1NTMQABoNCNyGrasGEgUI6AcQAEIASgA Protocol H2 Server 35.244.154.8 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 8.154.244.35.bc.googleusercontent.com Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-US,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers date Sat, 02 Dec 2023 14:46:52 GMT via 1.1 google content-type image/gif p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 Redirect headers date Sat, 02 Dec 2023 14:46:52 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://idsync.rlcdn.com/1000.gif?memo=CIi5FxI9CjkIARCMThoyZjI0ZWRhMmItZTIwZS00NzM0LWEyYWMtMjUyMTUyYWMxM2U0LTY1NmI0MzViLTU1NTMQABoNCNyGrasGEgUI6AcQAEIASgA cache-control no-cache, no-store timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	qmap sync.crwdcntrl.net/ Frame 0DA2 Redirect Chain https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent= https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=&ct=y	49 B 738 B	67ms 66ms	Image image/gif	3.93.99.238 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=&ct=y Protocol H2 Server 3.93.99.238 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-3-93-99-238.compute-1.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language en-US,en;q=0.9 Referer https://pixel.sitescout.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Sat, 02 Dec 2023 14:46:52 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.40.52.107 content-length 49 expires 0 Redirect headers pragma no-cache date Sat, 02 Dec 2023 14:46:52 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=f24eda2b-e20e-4734-a2ac-252152ac13e4-656b435b-5553&gdpr=0&gdpr_consent=&ct=y cache-control no-cache x-server 10.40.56.8 content-length 0 expires 0
POST H2	204	collect www.google-analytics.com/g/	0 54 B	67ms 62ms	Ping text/plain	2607:f8b0:4004:c09::8a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-41DQ5KQCWV&gtm=45je3bt0v877340680z86617846&_p=1701528409746&gcd=11l1l1l1l1&dma=0&cid=287829918.1701528411&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701528410&sct=1&seg=0&dl=https%3A%2F%2F45.65.114.69.sslip.io%2F&dt=Home%20%7C%20Sierra%20Club&en=login&ep.method=https%3A%2F%2F45.65.114.69.sslip.io%2F&ep.login_site=myaccount&_et=3&tfd=8241 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-41DQ5KQCWV&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::8a Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://45.65.114.69.sslip.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36 Response headers pragma no-cache date Sat, 02 Dec 2023 14:46:55 GMT server Golfe2 content-type text/plain access-control-allow-origin https://45.65.114.69.sslip.io cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cmp.osano.com

URL

https://cmp.osano.com/