urlscan.io logo urlscan.io
SecurityTrails logo

secure.everyaction.com Open in urlscan Pro
45.60.33.183  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://prochoiceamerica.actionkit.com/cms/unsubscribe/unsubscribe/?akid=63746.4371514.VnO8zz&amp%3Bt=9&amp%3Bakid=63746.4371514.VnO8zz
Effective URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Submission Tags: falconsandbox
Submission: On November 01 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 14 domains to perform 45 HTTP transactions. The main IP is 45.60.33.183, located in United States and belongs to INCAPSULA, US. The main domain is secure.everyaction.com.
TLS certificate: Issued by RapidSSL TLS RSA CA G1 on May 28th 2020. Valid for: 2 years.
This is the only time secure.everyaction.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    52.53.118.60 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-53-118-60.us-west-1.compute.amazonaws.com
prochoiceamerica.actionkit.com
13    45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)
secure.everyaction.com
profile.ngpvan.com
actions.everyaction.com
actions.ngpvan.com
secure.ngpvan.com
4    2600:9000:2070:d000:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)
d3rse9xjbp8270.cloudfront.net
1    52.239.157.138 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
nvlupin.blob.core.windows.net
1    52.85.32.31 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-32-31.ham50.r.cloudfront.net
js.verygoodvault.com
2    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
11    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c01::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    143.204.101.81 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-81.fra50.r.cloudfront.net
d1aqhv4sn5kxtx.cloudfront.net
2    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    51.140.6.23 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Domain Requested by
11 www.google-analytics.com www.googletagmanager.com
secure.everyaction.com
az416426.vo.msecnd.net
8 secure.everyaction.com secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
4 d3rse9xjbp8270.cloudfront.net secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
3 stats.g.doubleclick.net az416426.vo.msecnd.net
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 profile.ngpvan.com d3rse9xjbp8270.cloudfront.net
az416426.vo.msecnd.net
2 platform.twitter.com secure.everyaction.com
platform.twitter.com
2 connect.facebook.net secure.everyaction.com
connect.facebook.net
2 www.googletagmanager.com secure.everyaction.com
d3rse9xjbp8270.cloudfront.net
1 secure.ngpvan.com az416426.vo.msecnd.net
1 actions.ngpvan.com az416426.vo.msecnd.net
1 actions.everyaction.com az416426.vo.msecnd.net
1 d1aqhv4sn5kxtx.cloudfront.net www.googletagmanager.com
1 az416426.vo.msecnd.net secure.everyaction.com
1 ssl.google-analytics.com secure.everyaction.com
1 js.verygoodvault.com secure.everyaction.com
1 nvlupin.blob.core.windows.net secure.everyaction.com
1 prochoiceamerica.actionkit.com 1 redirects
0 forms-prod.azurewebsites.net Failed az416426.vo.msecnd.net
45 19

This site contains links to these domains. Also see Links.

Domain
www.everyaction.com
Subject Issuer Validity Valid
*.everyaction.com
RapidSSL TLS RSA CA G1		 2020-05-28 -
2022-05-28		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2020-05-26 -
2021-04-21		 a year crt.sh
*.blob.core.windows.net
Microsoft IT TLS CA 4		 2020-10-26 -
2021-10-26		 a year crt.sh
*.verygoodvault.com
Amazon		 2020-04-17 -
2021-05-17		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-09-11 -
2020-12-10		 3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA		 2019-11-12 -
2020-11-18		 a year crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
*.ngpvan.com
RapidSSL RSA CA 2018		 2018-02-08 -
2021-02-07		 3 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-10-06 -
2020-12-29		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft IT TLS CA 4		 2020-04-30 -
2022-04-30		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Frame ID: DD0414A36E38C4C4052512AAEE5BE9A6
Requests: 43 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fsecure.everyaction.com
Frame ID: 1D517E5D1212DA7F6583445991C6AA17
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://prochoiceamerica.actionkit.com/cms/unsubscribe/unsubscribe/?akid=63746.4371514.VnO8zz&amp%3Bt=9&amp%3Bakid=... HTTP 302
    https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.V... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

45
Requests

98 %
HTTPS

60 %
IPv6

14
Domains

19
Subdomains

15
IPs

5
Countries

568 kB
Transfer

1961 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://prochoiceamerica.actionkit.com/cms/unsubscribe/unsubscribe/?akid=63746.4371514.VnO8zz&amp%3Bt=9&amp%3Bakid=63746.4371514.VnO8zz HTTP 302
    https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set 9ksGbwYWX02RBL76EWdQMA2
secure.everyaction.com/
Redirect Chain
  • https://prochoiceamerica.actionkit.com/cms/unsubscribe/unsubscribe/?akid=63746.4371514.VnO8zz&amp%3Bt=9&amp%3Bakid=63746.4371514.VnO8zz
  • https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
95ac1f1def60e852655ec8ab415bde5ac7be2247f019742d6cf4ddaca413ee2b
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
secure.everyaction.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Access-Control-Expose-Headers
Request-Context
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Date
Sun, 01 Nov 2020 12:13:51 GMT
Set-Cookie
visid_incap_823975=xKfkxM+ESveGHLNjHucQqH+mnl8AAAAAQUIPAAAAAABeqtR/e8A4YRTuwMaE9hvQ; expires=Mon, 01 Nov 2021 08:15:48 GMT; HttpOnly; path=/; Domain=.everyaction.com nlbi_823975=7TKlGoSSKT2Hpu6jOu0ZEgAAAADmGDf0Q+7wBrXPzPnjBGNI; path=/; Domain=.everyaction.com incap_ses_1098_823975=q6+xNG7EnDN4fVbxaOE8D3+mnl8AAAAAkZcjBJYfHEVzG2Tsz4Pu8Q==; path=/; Domain=.everyaction.com TiPMix=18.0806339336935; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; Secure; SameSite=None; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=secure.everyaction.com; Max-Age=3600; Secure; SameSite=None; Secure ; Secure; SameSite=None; Secure
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
9-2154710-2154711 NNNN CT(97 201 0) RT(1604232831296 21) q(0 0 3 0) r(4 4) U12

Redirect headers

status
302
date
Sun, 01 Nov 2020 12:13:51 GMT
content-type
text/html; charset=utf-8
location
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
server
openresty
vary
Cookie, Origin
at.js
d3rse9xjbp8270.cloudfront.net/ 		816 KB
231 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7a2fe21142b2cc05ed28f766802f9f3b248427ecb3dd88543f7e51420e591df

Request headers

Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 06:52:27 GMT
content-encoding
gzip
age
19560
x-cache
Hit from cloudfront
status
200
content-length
235846
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 11:11:56 GMT
server
AmazonS3
etag
"d43738f53ccd7c4642857504b6285a00"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript; charset=utf-8
via
1.1 6ef6a480e6faf3876201c8f86486bbcf.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-amz-cf-id
VPhw6ebyYEW_RikP_PYBNu966kNXOihOc4404YerpeVzpAKxlfKM6Q==
at.min.css
d3rse9xjbp8270.cloudfront.net/ 		111 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/at.min.css
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e83dfb93fa54757ddf18fc003b152cb4b5cab5f10054cc3315b9d0c8a7ad06e7

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 09:32:35 GMT
content-encoding
gzip
age
10056
x-cache
Hit from cloudfront
status
200
content-length
20616
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 11:11:56 GMT
server
AmazonS3
etag
"496d09b7ed480ab0bbd8cec066dfec17"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 d801ae07b5a25e1b54be4791dba41742.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-amz-cf-id
gCWWOK8ExlJsn3EgwuqNmdd-cM5BVq2B1T3OC_r0YyFt2eJaYp-5Zw==
published.css
secure.everyaction.com/Content/css/forms/ 		389 B
571 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Content/css/forms/published.css
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 01 Nov 2020 12:13:52 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Oct 2020 20:11:58 GMT
X-CDN
Incapsula
Etag
"03b406c9dacd61:0"
Content-Type
text/css
X-Iinfo
9-2154710-2154697 2VNN RT(1604232831296 514) q(0 0 0 -1) r(4 4)
Content-Length
237
script-error
secure.everyaction.com/js/ 		246 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/js/script-error?v=LR3iM4M7kAES0Kfs-kdOEFlJ6eRhSmwTVMRMKnRLIxs1
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Incapsula
X-Iinfo
6-3088981-3088982 NNNY CT(0 0 0) RT(1604232831827 19) q(0 0 0 -1) r(1 1) U4
Content-Length
274
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Last-Modified
Sun, 01 Nov 2020 12:13:52 GMT
X-Frame-Options
SAMEORIGIN
Date
Sun, 01 Nov 2020 12:13:51 GMT
Vary
User-Agent,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
public
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires
Mon, 01 Nov 2021 12:13:52 GMT
NARAL_Tagline_Logo_RGB_full%20color.png
nvlupin.blob.core.windows.net/images/van/AV/NARMM/1/47100/images/ 		215 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nvlupin.blob.core.windows.net/images/van/AV/NARMM/1/47100/images/NARAL_Tagline_Logo_RGB_full%20color.png
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.157.138 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
f1d547abfc42b4163965cf4006cc9869bf0505ff49eb735cc647062bd554f85a

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 01 Nov 2020 12:13:52 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-Type
application/xml
Access-Control-Allow-Origin
*
x-ms-request-id
c819c896-e01e-009c-0948-b06a45000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
215
AC2nt8erbFu3svSWxmyTZr1b.js
js.verygoodvault.com/vgs-collect/1/ 		76 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.verygoodvault.com/vgs-collect/1/AC2nt8erbFu3svSWxmyTZr1b.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.32.31 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-32-31.ham50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf

Request headers

Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id
MIiZqsZIbmUuLBPCQnATi6p_MgrmaU_3
Content-Encoding
gzip
ETag
"f3cecf4193fb217244937c56bee4b1b6"
X-Amz-Cf-Pop
HAM50-C1
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 13 Dec 2019 10:03:51 GMT
Server
AmazonS3
Date
Sun, 01 Nov 2020 12:13:52 GMT
Vary
Origin
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 19c54bffe8b0bb7f9e7501fa2c823262.cloudfront.net (CloudFront)
X-Amz-Cf-Id
otooUwPAnMxix8QOltJcsrqevxjZGEgwyCFJ8tj2sEeBJtnf-oqQlg==
_Incapsula_Resource
secure.everyaction.com/ 		138 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=304838057
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
2244f2c256327269b837aaf1beb33d3803eef941cab4465331bf74638ba2d3a9

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
19983
Content-Type
application/javascript
gtm.js
www.googletagmanager.com/ 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
86149ed81dfa6cf2f2eb986217e279f5075dfb72af4c0a147eb94f8585dd1665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 12:13:52 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36586
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Nov 2020 12:13:52 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa22c5b57b14ac379cfc58151508b36ad2b483a6931c1597b365f22e26a7543d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
zWRbUa6SQ6nx5yeIiHw5lg==
status
200
cross-origin-resource-policy
cross-origin
content-length
1781
etag
"756cf91fa0ca313748dc4f20762af7e9"
x-fb-debug
zT8qLrvOnCFVJl804sES0emRq6lRHK2Z97EWRlP0/LFmP6CSyKxkX6g56WTXERbIfh6tGm1Z9X54vHnlz2Zj8w==
x-fb-trip-id
1425083115
x-fb-content-md5
4fbb5af6cfa00eb463b6e6cc7614005d
x-frame-options
DENY
date
Sun, 01 Nov 2020 12:13:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 01 Nov 2020 12:20:04 GMT
widgets.js
platform.twitter.com/ 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B5) /
Resource Hash
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 01 Nov 2020 12:13:52 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1090
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28698
x-tw-cdn
VZ
Last-Modified
Thu, 01 Oct 2020 21:52:09 GMT
Server
ECS (fcn/40B5)
Etag
"a671d4d584ef50954e5cebb21da17065+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
1187
date
Sun, 01 Nov 2020 11:54:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Sun, 01 Nov 2020 13:54:05 GMT
ai.2.min.js
az416426.vo.msecnd.net/scripts/b/ 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5B) /
Resource Hash
9dbbe78a9fe127367c7859fe6c87cb7728a134047bb9e56bd7c180408110bfda

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sun, 01 Nov 2020 12:13:52 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-12 17:27:04
content-md5
D4iMWmgUjs++kp3KwoO+kA==
age
768
x-cache
HIT
status
200
x-ms-meta-aijssdksrc
[scripts]/b/ai.2.5.9.min.js
content-length
37648
x-ms-lease-status
unlocked
last-modified
Fri, 23 Oct 2020 22:15:24 GMT
server
ECAcc (frc/8F5B)
x-ms-meta-aijssdkver
2.5.9
etag
0x8D877A123F6C85D
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
809d0553-e01e-0079-2146-b06b42000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable
x-ms-version
2009-09-19
expires
Sun, 01 Nov 2020 12:43:52 GMT
sdk.js
connect.facebook.net/en_US/ 		195 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7e7f753f9506a39f68768b70c762598d&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d6bad2640d82e348f3a55e051a6bb22198143ae4f1f57c160dea1905a0d3024c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://secure.everyaction.com
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
eL+8ddc7FyVBnY/2imw8bw==
status
200
cross-origin-resource-policy
cross-origin
content-length
60114
etag
"9c688813bebc2aebb46ce2d3cc47d358"
x-fb-debug
i9zBMKhzh8Jtpd1QuuKVIoT9C2HkQjzLa6og9H3Sd4uAnGhpE4uzgkCDGP9SDepDI465kt1qByics0Ri+irpsg==
x-fb-trip-id
2133530978
x-fb-content-md5
f1173b73a1302b904bd8f1116f51f374
x-frame-options
DENY
date
Sun, 01 Nov 2020 12:13:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 01 Nov 2021 11:15:35 GMT
identity
profile.ngpvan.com/ 		72 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/identity?callback=_jqjsp
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
6addfeff19102e321c9400f8d4532d4b74e8bf28964fcd6ba4e8dacd2cec3c69
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 12:13:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Microsoft-IIS/10.0
x-powered-by
Express, ASP.NET
vary
Accept-Encoding
p3p
CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
status
200
x-iinfo
10-2118129-2118131 NNNN CT(0 0 2) RT(1604232832387 0) q(0 0 3 0) r(5 5) U19
x-cdn
Incapsula
content-type
text/javascript; charset=utf-8
content-length
190
etag
W/"48-Vf7h4UvdqFCTIVwlnXUPhOKqs94"
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
gtm.js
www.googletagmanager.com/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc5b525faf999ec7781600e5bd5752c104cf3754f760647ef46a957ca64ac979
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 12:13:52 GMT
content-encoding
br
vary
Accept-Encoding
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33689
x-xss-protection
0
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 01 Nov 2020 12:13:52 GMT
extra.min.css
d3rse9xjbp8270.cloudfront.net/ 		92 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad6db6aac71469960bd005df1616fb95f11906bc2fb0c64e7c348026cb8e1d66

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 31 Oct 2020 22:58:18 GMT
content-encoding
gzip
age
48225
x-cache
Hit from cloudfront
status
200
content-length
15886
access-control-allow-origin
*
last-modified
Fri, 16 Oct 2020 11:11:56 GMT
server
AmazonS3
etag
"5377ef12fa07c855200716e8ce58413c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
text/css; charset=utf-8
via
1.1 d801ae07b5a25e1b54be4791dba41742.cloudfront.net (CloudFront)
cache-control
max-age=900, s-maxage=86400, public
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-amz-cf-id
8MuOig0fPbeJHEPHz4lQzwf0f1zPBGuO5m39zs8EHXz6Tq08JY3A7w==
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM473M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3484
date
Sun, 01 Nov 2020 11:15:48 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 01 Nov 2020 13:15:48 GMT
9ksGbwYWX02RBL76EWdQMA2
secure.everyaction.com/v1/Forms/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/v1/Forms/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/at.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
38db1a576725dca740fdd6d476ac4e9c1ece10e1b6ac0b69728d80f6f03f665d
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Transfer-Encoding
chunked
X-Iinfo
9-2154710-2154711 SNNN RT(1604232831296 1107) q(0 0 0 -1) r(3 3) U2
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Pragma
no-cache
Last-Modified
Sun, 01 Nov 2020 12:13:52 GMT
Date
Sun, 01 Nov 2020 12:13:52 GMT
X-Frame-Options
SAMEORIGIN
Content-Type
application/json; charset=utf-8
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
ETag
"5c6fd6ca-8a2e-4aac-bd12-74605d5b90cb"
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Expires
-1
_Incapsula_Resource
secure.everyaction.com/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/_Incapsula_Resource?SWKMTFSR=1&e=0.7387028007148884
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html
platform.twitter.com/widgets/ Frame 1D51 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.96fd96193cc66c3e11d4c5e4c7c7ec97.html?origin=https%3A%2F%2Fsecure.everyaction.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40B4) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1521829
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 01 Nov 2020 12:13:52 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 01 Oct 2020 21:50:01 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40B4)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
ngpvan-logo-16.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 		617 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3rse9xjbp8270.cloudfront.net/assets/images/ngpvan-logo-16.png
Requested by
Host: d3rse9xjbp8270.cloudfront.net
URL: https://d3rse9xjbp8270.cloudfront.net/extra.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2070:d000:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16

Request headers

Referer
https://d3rse9xjbp8270.cloudfront.net/extra.min.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 08 Oct 2020 10:36:06 GMT
via
1.1 d801ae07b5a25e1b54be4791dba41742.cloudfront.net (CloudFront)
age
2079467
x-cache
Hit from cloudfront
status
200
content-length
617
last-modified
Thu, 03 Oct 2019 17:12:46 GMT
server
AmazonS3
etag
"3d6f9aab1e809b87c195e78264cb01f8"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000
x-amz-cf-pop
HAM50-C3
accept-ranges
bytes
x-amz-cf-id
Xv0tg86WnY0JJF1LSBwvoJLFzAuS-xiRa-mO2GK0uu2M5keA337Orw==
collect
stats.g.doubleclick.net/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-62682497-4&cid=334363814.1604232833&jid=2146387327&gjid=1533468732&_gid=1950289095.1604232833&_u=YGBAgAABAAAAAE~&z=648698884
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 01 Nov 2020 12:13:52 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=2146387327&gjid=1533468732&cid=334363814.1604232833&tid=UA-62682497-4&_gid=1950289095.1604232833&gtm=2wgal2PM473M&z=129103613
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11441
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sweetspot.js
d1aqhv4sn5kxtx.cloudfront.net/actiontag/ 		8 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1aqhv4sn5kxtx.cloudfront.net/actiontag/sweetspot.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5L2FSL&l=atLayer
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.81 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-81.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sat, 31 Oct 2020 18:58:23 GMT
Via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
Age
62130
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8149
Last-Modified
Tue, 06 Aug 2019 21:06:41 GMT
Server
AmazonS3
ETag
"37a7034ed35eb1d861eba8fca5dbdea6"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=900, s-maxage=86400, public
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
XqnrkeqZW4QseQVGQkdOU1qki0lSCySVtjUrB1DHMsucWAsf2fBO5Q==
collect
www.google-analytics.com/j/ 		1 B
71 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=973435835&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Downloading&utt=354&_u=aGDAAEABAAAAAG~&jid=424344380&gjid=359019931&cid=334363814.1604232833&tid=UA-28243511-22&_gid=1950289095.1604232833&_r=1&gtm=2wgal25L2FSL&z=1653452710
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 12:13:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=973435835&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=SelfServicePortalRequest&ea=Form%20Load&el=Minimal&ev=2&_u=aGHAAEABAAAAAG~&jid=797498910&gjid=2084720387&cid=334363814.1604232833&tid=UA-28243511-20&_gid=1950289095.1604232833&_r=1&gtm=2wgal25L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FAV%2FNARMM%2F1%2F47100&cd5=Request%20update%20link&cd6=9ksGbwYWX02RBL76EWdQMA2&z=2125037670
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 12:13:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-28243511-20&cid=334363814.1604232833&jid=2064631768&gjid=313778378&_gid=1950289095.1604232833&_u=aGHAgEABAAAAAG~&z=425871842
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 01 Nov 2020 12:13:52 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGHAgEABAAAAAG~&jid=2064631768&gjid=313778378&cid=334363814.1604232833&tid=UA-28243511-20&_gid=1950289095.1604232833&gtm=2wgal25L2FSL&cd2=ngpvan%3A%2F%2Fvan%2FAV%2FNARMM%2F1%2F47100&cd5=Request%20update%20link&cd6=9ksGbwYWX02RBL76EWdQMA2&z=535080042
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Processing&utt=15&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=334363814.1604232833&tid=UA-28243511-22&_gid=1950289095.1604232833&gtm=2wgal25L2FSL&z=877254141
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
9ksGbwYWX02RBL76EWdQMA2
secure.everyaction.com/v1/Track/ 		0
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.everyaction.com/v1/Track/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&%3Bakid=63746.4371514.VnO8zz&%3Bt=9&formSessionId=15d14ca5-79c2-4de3-b86a-fd8c9cf4e309
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Sun, 01 Nov 2020 12:13:52 GMT
X-Frame-Options
SAMEORIGIN
X-Iinfo
9-2154710-2154711 SNNN RT(1604232831296 1595) q(0 1 1 -1) r(2 2) U2
Access-Control-Expose-Headers
Request-Context
Cache-Control
no-cache
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
-1
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Render&utt=10&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=334363814.1604232833&tid=UA-28243511-22&_gid=1950289095.1604232833&gtm=2wgal25L2FSL&z=214426978
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Fill&utt=3&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=334363814.1604232833&tid=UA-28243511-22&_gid=1950289095.1604232833&gtm=2wgal25L2FSL&z=1962245681
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Form&utt=481&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=334363814.1604232833&tid=UA-28243511-22&_gid=1950289095.1604232833&gtm=2wgal25L2FSL&z=222664223
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=timing&_s=1&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=ActionTag&utv=Total&utt=555&_u=aGHAAEABAAAAAG~&jid=&gjid=&cid=334363814.1604232833&tid=UA-28243511-22&_gid=1950289095.1604232833&gtm=2wgal25L2FSL&z=1905193494
Requested by
Host: secure.everyaction.com
URL: https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
48 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-28243511-20&cid=334363814.1604232833&jid=797498910&gjid=2084720387&_gid=1950289095.1604232833&_u=aGHAAEABAAAAAG~&z=467559568
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 01 Nov 2020 12:13:53 GMT
status
200
content-type
text/plain
access-control-allow-origin
https://secure.everyaction.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
nvtag
profile.ngpvan.com/v2/data/lFUc5fPzn4zdMwo4668wm4LN/ 		2 B
940 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://profile.ngpvan.com/v2/data/lFUc5fPzn4zdMwo4668wm4LN/nvtag
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 12:13:53 GMT
content-encoding
gzip
etag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
server
Microsoft-IIS/10.0
status
200
x-powered-by
Express, ASP.NET
vary
Origin,Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://secure.everyaction.com
x-iinfo
5-7839981-7839983 NNNN CT(0 0 2) RT(1604232832942 0) q(0 0 3 0) r(4 4) U12
access-control-allow-credentials
true
content-length
123
x-cdn
Incapsula
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
collect
www.google-analytics.com/ 		35 B
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j87&a=973435835&t=timing&_s=2&dl=https%3A%2F%2Fsecure.everyaction.com%2F9ksGbwYWX02RBL76EWdQMA2%3Fakid%3D63746.4371514.VnO8zz%26amp%253Bakid%3D63746.4371514.VnO8zz%26amp%253Bt%3D9&ul=en-us&de=UTF-8&dt=Unsubscribe&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2379&pdt=1&dns=7&rrt=614&srt=488&tcp=38&dit=1645&clt=1645&_gst=1690&_gbt=1872&_cst=1623&_cbt=1658&_u=aGHAgEABAAAAAG~&jid=&gjid=&cid=334363814.1604232833&tid=UA-62682497-4&_gid=1950289095.1604232833&gtm=2wgal2PM473M&z=1356462121
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 01 Nov 2020 09:03:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11442
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://secure.everyaction.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Sun, 01 Nov 2020 12:13:52 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		96 B
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.140.6.23 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
31011b0ffcd6e342bd17900f2f36303e05a55db177ba6a9e6ead8df061554f77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
68FFCB8A-1685-4C49-822A-13D5077E1411
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
status
200
date
Sun, 01 Nov 2020 12:13:52 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
96
lFUc5fPzn4zdMwo4668wm4LN
forms-prod.azurewebsites.net/Databag/Profile/ 		0
0
lFUc5fPzn4zdMwo4668wm4LN
actions.everyaction.com/Databag/Profile/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://actions.everyaction.com/Databag/Profile/lFUc5fPzn4zdMwo4668wm4LN
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Sun, 01 Nov 2020 12:13:53 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
https://secure.everyaction.com
X-Iinfo
10-2118136-2118139 NNNN CT(97 199 0) RT(1604232833442 28) q(0 0 3 -1) r(4 4) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
lFUc5fPzn4zdMwo4668wm4LN
actions.ngpvan.com/Databag/Profile/ 		0
878 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://actions.ngpvan.com/Databag/Profile/lFUc5fPzn4zdMwo4668wm4LN
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cdn
Incapsula
status
204
date
Sun, 01 Nov 2020 12:13:53 GMT
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://secure.everyaction.com
x-iinfo
10-2118134-2118137 NNNN CT(97 201 0) RT(1604232833440 0) q(0 0 3 0) r(4 4) U11
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
lFUc5fPzn4zdMwo4668wm4LN
secure.everyaction.com/Databag/Profile/ 		0
713 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.everyaction.com/Databag/Profile/lFUc5fPzn4zdMwo4668wm4LN
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
Request-Id
|570a1b3052194e4dba85a101ad5c23ee.ef6402736eb54cce
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
X-CDN
Incapsula
Date
Sun, 01 Nov 2020 12:13:53 GMT
X-Frame-Options
SAMEORIGIN
Access-Control-Allow-Origin
*
X-Iinfo
9-2154710-2154711 SNNN RT(1604232831296 2125) q(0 0 0 -1) r(1 1) U11
Access-Control-Expose-Headers
Request-Context
Cache-Control
private
Content-Security-Policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
lFUc5fPzn4zdMwo4668wm4LN
secure.ngpvan.com/Databag/Profile/ 		0
644 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.ngpvan.com/Databag/Profile/lFUc5fPzn4zdMwo4668wm4LN
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Referer
https://secure.everyaction.com/9ksGbwYWX02RBL76EWdQMA2?akid=63746.4371514.VnO8zz&amp%3Bakid=63746.4371514.VnO8zz&amp%3Bt=9
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-cdn
Incapsula
status
204
date
Sun, 01 Nov 2020 12:13:53 GMT
x-frame-options
SAMEORIGIN
access-control-allow-origin
https://secure.everyaction.com
x-iinfo
10-2118135-2118138 NNNN CT(98 200 0) RT(1604232833442 0) q(0 0 3 3) r(4 4) U11
access-control-expose-headers
Request-Context
cache-control
private
access-control-allow-credentials
true
content-security-policy
default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-xss-protection
1; mode=block
request-context
appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
forms-prod.azurewebsites.net
URL
https://forms-prod.azurewebsites.net/Databag/Profile/lFUc5fPzn4zdMwo4668wm4LN

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes string| sdkInstance string| aiName object| aisdk string| appInsightsSDK object| appInsights function| handleScriptLoadError object| dataLayer function| fbAsyncInit object| twttr boolean| exileHeaderAndFooter number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| VgForm object| SecureForm object| VGSCollect function| _ object| CSSModal object| intlTelInputGlobals function| intlTelInput object| nvtag object| _gaq object| FB object| google_tag_manager object| Backbone function| _jqjsp object| atLayer object| google_tag_data string| GoogleAnalyticsObject function| ga object| user object| nvtag_plugins function| cardFromNumber function| cardFromType function| luhnCheck function| hasTextSelected function| safeVal function| replaceFullWidthChars function| reFormatNumeric function| reFormatCardNumber function| formatCardNumber function| formatBackCardNumber function| reFormatExpiry function| formatExpiry function| formatForwardExpiry function| formatForwardSlashAndSpace function| formatBackExpiry function| reFormatCVC function| restrictNumeric function| restrictCardNumber function| restrictExpiry function| restrictCVC function| setCardType object| __twttrll object| __twttr object| _gat object| e function| t object| Microsoft function| __assign function| __extends object| gaplugins object| gaGlobal object| gaData function| transactionFilter function| oldPush boolean| sweetSpotEnabled object| nvtag_callbacks object| formview

15 Cookies

Domain/Path Name / Value
.everyaction.com/ Name: _dc_gtm_UA-28243511-20
Value: 1
.everyaction.com/ Name: _gat_UA-28243511-20
Value: 1
.everyaction.com/ Name: _ga
Value: GA1.2.334363814.1604232833
.secure.everyaction.com/ Name: _dc_gtm_UA-62682497-4
Value: 1
.secure.everyaction.com/ Name: _gid
Value: GA1.3.1950289095.1604232833
.everyaction.com/ Name: _gat_UA-28243511-22
Value: 1
secure.everyaction.com/ Name: ai_session
Value: xXCLFzzGD/P+G78ZDaBXDu|1604232832676|1604232832676
secure.everyaction.com/ Name: ai_user
Value: GTuOO0qvgCueIpWMyqoihM|2020-11-01T12:13:52.645Z
.secure.everyaction.com/ Name: x-ms-routing-name
Value: self
.everyaction.com/ Name: visid_incap_823975
Value: xKfkxM+ESveGHLNjHucQqH+mnl8AAAAAQUIPAAAAAABeqtR/e8A4YRTuwMaE9hvQ
.secure.everyaction.com/ Name: TiPMix
Value: 18.0806339336935
.everyaction.com/ Name: _gid
Value: GA1.2.1950289095.1604232833
.everyaction.com/ Name: incap_ses_1098_823975
Value: q6+xNG7EnDN4fVbxaOE8D3+mnl8AAAAAkZcjBJYfHEVzG2Tsz4Pu8Q==
.secure.everyaction.com/ Name: _ga
Value: GA1.3.334363814.1604232833
.everyaction.com/ Name: nlbi_823975
Value: 7TKlGoSSKT2Hpu6jOu0ZEgAAAADmGDf0Q+7wBrXPzPnjBGNI

6 Console Messages

Source Level URL
Text
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Downloading: 354.294189453125 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Processing: 15.26416015625 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Render: 10.43798828125 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Fill: 2.787841796875 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Form: 481.270263671875 ms
console-api debug URL: https://d3rse9xjbp8270.cloudfront.net/at.js(Line 7)
Message:
Total: 555.28173828125 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

actions.everyaction.com
actions.ngpvan.com
az416426.vo.msecnd.net
connect.facebook.net
d1aqhv4sn5kxtx.cloudfront.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
forms-prod.azurewebsites.net
js.verygoodvault.com
nvlupin.blob.core.windows.net
platform.twitter.com
prochoiceamerica.actionkit.com
profile.ngpvan.com
secure.everyaction.com
secure.ngpvan.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
forms-prod.azurewebsites.net
143.204.101.81
2600:9000:2070:d000:12:303c:8700:21
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:802::2008
2a00:1450:4001:80b::2008
2a00:1450:4001:816::200e
2a00:1450:400c:c01::9c
2a00:1450:400c:c07::9a
2a03:2880:f02d:12:face:b00c:0:3
45.60.33.183
51.140.6.23
52.239.157.138
52.53.118.60
52.85.32.31
0bb4162f0b42086a35ba69b25bbebb373401777a9fbfee8e45b56f502cff7a64
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2244f2c256327269b837aaf1beb33d3803eef941cab4465331bf74638ba2d3a9
2b418a10ba4680c77fa07fb0e736eec6306cba0dbbbc8deac94a25e679178e15
2decb492a5b143c935ba3f8b6a9a1dc970335e8981fb5f42b3ee7966735eeb16
31011b0ffcd6e342bd17900f2f36303e05a55db177ba6a9e6ead8df061554f77
38db1a576725dca740fdd6d476ac4e9c1ece10e1b6ac0b69728d80f6f03f665d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
6addfeff19102e321c9400f8d4532d4b74e8bf28964fcd6ba4e8dacd2cec3c69
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86149ed81dfa6cf2f2eb986217e279f5075dfb72af4c0a147eb94f8585dd1665
95ac1f1def60e852655ec8ab415bde5ac7be2247f019742d6cf4ddaca413ee2b
9dbbe78a9fe127367c7859fe6c87cb7728a134047bb9e56bd7c180408110bfda
aa22c5b57b14ac379cfc58151508b36ad2b483a6931c1597b365f22e26a7543d
ad6db6aac71469960bd005df1616fb95f11906bc2fb0c64e7c348026cb8e1d66
b8492fb2692042df038f6ed3a0f874e72125916c0cbe1570f59b991c78039f3c
d2219782bf808672e486c65601b5bd41e52041c592ba9bfde1030a820f257baf
d32edd2deab9a90a989acdfb16d6fcf57bbe15acb7716c3d851e10f1fcfc1163
d6bad2640d82e348f3a55e051a6bb22198143ae4f1f57c160dea1905a0d3024c
dc5b525faf999ec7781600e5bd5752c104cf3754f760647ef46a957ca64ac979
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e83dfb93fa54757ddf18fc003b152cb4b5cab5f10054cc3315b9d0c8a7ad06e7
f1d547abfc42b4163965cf4006cc9869bf0505ff49eb735cc647062bd554f85a
f7a2fe21142b2cc05ed28f766802f9f3b248427ecb3dd88543f7e51420e591df