takeaction.sandyhookpromise.org Open in urlscan Pro
13.32.27.27 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://takeaction.sandyhookpromise.org/a/foundation
Effective URL:
https://takeaction.sandyhookpromise.org/a/foundation
Submission: On March 14 via manual (March 14th 2024, 7:54:30 pm UTC) from US — Scanned from DE

Summary HTTP 99 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 38 IPs in 4 countries across 30 domains to perform 99 HTTP transactions. The main IP is 13.32.27.27, located in United States and belongs to AMAZON-02, US. The main domain is takeaction.sandyhookpromise.org. The Cisco Umbrella rank of the primary domain is 656079.
TLS certificate: Issued by Amazon RSA 2048 M01 on July 23rd 2023. Valid for: a year.

This is the only time takeaction.sandyhookpromise.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.32.27.64 13.32.27.64	16509 (AMAZON-02) (AMAZON-02)
3	13.32.27.27 13.32.27.27	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:249... 2600:9000:2490:6800:3:1d53:4780:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	54.231.232.97 54.231.232.97	16509 (AMAZON-02) (AMAZON-02)
1	20.60.58.97 20.60.58.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	45.223.139.238 45.223.139.238	19551 (INCAPSULA) (INCAPSULA)
21	18.172.112.109 18.172.112.109	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	44.209.137.118 44.209.137.118	14618 (AMAZON-AES) (AMAZON-AES)
1	34.117.162.98 34.117.162.98	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
4	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	13.32.27.54 13.32.27.54	16509 (AMAZON-02) (AMAZON-02)
6	45.60.33.183 45.60.33.183	19551 (INCAPSULA) (INCAPSULA)
2	34.111.186.1 34.111.186.1	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
1	54.156.2.105 54.156.2.105	14618 (AMAZON-AES) (AMAZON-AES)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	23.96.109.67 23.96.109.67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2600:9000:225... 2600:9000:2251:da00:12:303c:8700:21	16509 (AMAZON-02) (AMAZON-02)
2	20.50.88.244 20.50.88.244	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.89.99.220 52.89.99.220	16509 (AMAZON-02) (AMAZON-02)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
8	3.69.121.132 3.69.121.132	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1	3.219.226.109 3.219.226.109	14618 (AMAZON-AES) (AMAZON-AES)
1	35.81.162.201 35.81.162.201	16509 (AMAZON-02) (AMAZON-02)
99	38

1 13.32.27.64 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-64.fra56.r.cloudfront.net

takeaction.sandyhookpromise.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-27.fra56.r.cloudfront.net

takeaction.sandyhookpromise.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2490:6800:3:1d53:4780:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.232.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

missionwired.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.60.58.97 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

nvlupin.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.223.139.238 (United States)

ASN19551 (INCAPSULA, US)

prod.cdn.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 18.172.112.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-172-112-109.fra60.r.cloudfront.net

js.verygoodvault.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.209.137.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-137-118.compute-1.amazonaws.com

dx.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.162.98 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 98.162.117.34.bc.googleusercontent.com

pixel.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-54.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 45.60.33.183 (United States)

ASN19551 (INCAPSULA, US)

profile.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.everyaction.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fastaction.ngpvan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.186.1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 1.186.111.34.bc.googleusercontent.com

evnt.byspotify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.156.2.105 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-2-105.compute-1.amazonaws.com

54.156.2.105	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.96.109.67 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

doublethedonation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2251:da00:12:303c:8700:21 (United States)

ASN16509 (AMAZON-02, US)

d3rse9xjbp8270.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.50.88.244 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.89.99.220 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-99-220.us-west-2.compute.amazonaws.com

px.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.69.121.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.226.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-226-109.compute-1.amazonaws.com

vgs-collect-keeper.apps.verygood.systems	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.81.162.201 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-162-201.us-west-2.compute.amazonaws.com

gs.mountain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	verygoodvault.com js.verygoodvault.com — Cisco Umbrella Rank: 25593	554 KB
11	everyaction.com static.everyaction.com — Cisco Umbrella Rank: 84671 prod.cdn.everyaction.com — Cisco Umbrella Rank: 63190 secure.everyaction.com — Cisco Umbrella Rank: 72736	316 KB
8	braintreegateway.com client-analytics.braintreegateway.com — Cisco Umbrella Rank: 9707	1 KB
5	cloudfront.net d3rse9xjbp8270.cloudfront.net	108 KB
5	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2609 www.google.com — Cisco Umbrella Rank: 2	798 B
4	doublethedonation.com doublethedonation.com — Cisco Umbrella Rank: 46991	110 KB
4	mountain.com dx.mountain.com — Cisco Umbrella Rank: 5654 px.mountain.com — Cisco Umbrella Rank: 5731 gs.mountain.com — Cisco Umbrella Rank: 12521	8 KB
4	gstatic.com fonts.gstatic.com	84 KB
4	sandyhookpromise.org 1 redirects takeaction.sandyhookpromise.org — Cisco Umbrella Rank: 656079	29 KB
3	ngpvan.com profile.ngpvan.com — Cisco Umbrella Rank: 62164 fastaction.ngpvan.com — Cisco Umbrella Rank: 119674	3 KB
3	byspotify.com pixel.byspotify.com — Cisco Umbrella Rank: 9374 evnt.byspotify.com — Cisco Umbrella Rank: 9428	7 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 10251	1 KB
2	visualstudio.com dc.services.visualstudio.com — Cisco Umbrella Rank: 684	200 B
2	google.de www.google.de — Cisco Umbrella Rank: 6932	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 90	407 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 742 script.hotjar.com — Cisco Umbrella Rank: 1067	59 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 188	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 43	201 KB
1	verygood.systems vgs-collect-keeper.apps.verygood.systems — Cisco Umbrella Rank: 74209	111 B
1	paypal.com checkout.paypal.com — Cisco Umbrella Rank: 14738	3 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	274 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2739	232 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 782	396 B
1	t.co t.co — Cisco Umbrella Rank: 651	377 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 764	15 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2684	47 KB
1	windows.net nvlupin.blob.core.windows.net — Cisco Umbrella Rank: 82076	97 KB
1	amazonaws.com missionwired.s3.amazonaws.com	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 38	917 B
99	30

	Domain	Requested by
21	js.verygoodvault.com	takeaction.sandyhookpromise.org js.verygoodvault.com
8	client-analytics.braintreegateway.com	az416426.vo.msecnd.net
5	d3rse9xjbp8270.cloudfront.net	static.everyaction.com
5	static.everyaction.com	takeaction.sandyhookpromise.org static.everyaction.com
4	doublethedonation.com	static.everyaction.com doublethedonation.com az416426.vo.msecnd.net
4	region1.analytics.google.com	www.googletagmanager.com
4	fonts.gstatic.com	takeaction.sandyhookpromise.org fonts.googleapis.com
4	takeaction.sandyhookpromise.org	1 redirects takeaction.sandyhookpromise.org
3	secure.everyaction.com	az416426.vo.msecnd.net
3	prod.cdn.everyaction.com	takeaction.sandyhookpromise.org
2	payments.braintree-api.com	az416426.vo.msecnd.net
2	px.mountain.com	dx.mountain.com takeaction.sandyhookpromise.org
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	evnt.byspotify.com	az416426.vo.msecnd.net
2	profile.ngpvan.com	static.everyaction.com az416426.vo.msecnd.net
2	www.google.de	takeaction.sandyhookpromise.org
2	stats.g.doubleclick.net	www.googletagmanager.com az416426.vo.msecnd.net
2	connect.facebook.net	takeaction.sandyhookpromise.org connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
2	www.googletagmanager.com	takeaction.sandyhookpromise.org www.googletagmanager.com
1	gs.mountain.com	takeaction.sandyhookpromise.org
1	vgs-collect-keeper.apps.verygood.systems	js.verygoodvault.com
1	checkout.paypal.com	static.everyaction.com
1	fastaction.ngpvan.com	az416426.vo.msecnd.net
1	www.facebook.com	takeaction.sandyhookpromise.org
1	vc.hotjar.io	az416426.vo.msecnd.net
1	www.google.com	takeaction.sandyhookpromise.org
1	script.hotjar.com	static.hotjar.com
1	analytics.twitter.com	takeaction.sandyhookpromise.org
1	t.co	takeaction.sandyhookpromise.org
1	static.hotjar.com	takeaction.sandyhookpromise.org
1	pixel.byspotify.com	takeaction.sandyhookpromise.org
1	dx.mountain.com	takeaction.sandyhookpromise.org
1	static.ads-twitter.com	takeaction.sandyhookpromise.org
1	az416426.vo.msecnd.net	takeaction.sandyhookpromise.org
1	nvlupin.blob.core.windows.net	takeaction.sandyhookpromise.org
1	missionwired.s3.amazonaws.com	takeaction.sandyhookpromise.org
1	fonts.googleapis.com	takeaction.sandyhookpromise.org
99	38

This site contains links to these domains. Also see Links.

Domain
www.sandyhookpromise.org
fastaction.ngpvan.com

Subject Issuer	Validity	Valid
sandyhookpromise-oa.edge.targetedaction.net Amazon RSA 2048 M01	`2023-07-23` - `2024-08-20`	a year	crt.sh
static.everyaction.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.blob.core.windows.net Microsoft Azure TLS Issuing CA 06	`2024-02-15` - `2024-06-27`	4 months	crt.sh
imperva.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-02-15` - `2024-08-13`	6 months	crt.sh
*.verygoodvault.com Amazon RSA 2048 M02	`2023-12-19` - `2025-01-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2024-01-30` - `2025-01-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-23` - `2024-03-22`	3 months	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.mountain.com Go Daddy Secure Certificate Authority - G2	`2023-06-12` - `2024-06-23`	a year	crt.sh
pixel.byspotify.com GTS CA 1D4	`2024-02-29` - `2024-05-29`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
t.co DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-07` - `2025-01-06`	a year	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-31` - `2024-10-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.ngpvan.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-11-07` - `2024-11-06`	a year	crt.sh
prfx.byspotify.com GTS CA 1D4	`2024-03-05` - `2024-06-03`	3 months	crt.sh
*.everyaction.com RapidSSL TLS ECC CA G1	`2024-03-04` - `2025-03-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
54.156.2.105 Sectigo RSA Domain Validation Secure Server CA	`2024-01-25` - `2025-02-14`	a year	crt.sh
doublethedonation.com R3	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
prod.ai.ingestion.msftcloudes.com Microsoft Azure RSA TLS Issuing CA 07	`2024-02-12` - `2025-02-06`	a year	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2023-08-23` - `2024-09-22`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-01-24` - `2025-01-23`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2023-10-12` - `2024-10-31`	a year	crt.sh
*.apps.verygood.systems Amazon RSA 2048 M01	`2023-06-23` - `2024-07-21`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://takeaction.sandyhookpromise.org/a/foundation
Frame ID: 9ED2AB9A47AEB5F90AC82D9FBB1325B2
Requests: 71 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 08A0B928EEC5C81FC86AD1B929EFCF5F
Requests: 3 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 9BA8F0A9DC5BC784BB9F60816A2FAF70
Requests: 17 HTTP requests in this frame

Frame: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Frame ID: 9CBC34750845331E724800D6E15FD087
Requests: 2 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html
Frame ID: 732D209DFA3B6A52B294B609B1F98950
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Donate to Help Protect Children From Gun Violence

Page URL History Show full URLs

http://takeaction.sandyhookpromise.org/a/foundation HTTP 301
https://takeaction.sandyhookpromise.org/a/foundation Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Page Statistics

99
Requests

100 %
HTTPS

34 %
IPv6

30
Domains

38
Subdomains

38
IPs

4
Countries

1748 kB
Transfer

5376 kB
Size

21
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sandyhookpromise.org/

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/##whats-this
Title: ?

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid_signup
Title: Sign up with your email address

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/terms
Title: terms of service

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/privacy
Title: privacy policy.

Search URL Search Domain Scan URL

URL: https://fastaction.ngpvan.com/auth/actionid
Title: Log in with your email address

Search URL Search Domain Scan URL

URL: https://www.sandyhookpromise.org/privacy-policy
Title: Privacy policy.

Search URL Search Domain Scan URL

URL: https://www.sandyhookpromise.org/blog/news/awards-and-charity-ratings/

Search URL Search Domain Scan URL

URL: https://www.sandyhookpromise.org/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.sandyhookpromise.org/contact-us/
Title: Contact Us

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://takeaction.sandyhookpromise.org/a/foundation HTTP 301
https://takeaction.sandyhookpromise.org/a/foundation Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

99 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request foundation Show response
takeaction.sandyhookpromise.org/a/
Redirect Chain

http://takeaction.sandyhookpromise.org/a/foundation
https://takeaction.sandyhookpromise.org/a/foundation

19 KB
7 KB

1000ms
914ms

Document
text/html

13.32.27.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.27 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-27.fra56.r.cloudfront.net

Software

Resource Hash

1bc2ef4188db38d8ba32ed3e68bf08ab4ec9da641fe05bdc6bd163f8477143cc

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Request-Context
cache-control: public, max-age=10
content-encoding: gzip
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
content-type: text/html; charset=utf-8
date: Thu, 14 Mar 2024 19:54:23 GMT
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-id: x1p3AcMwpMyKLqb140iXIKVdF8h3C9DYLE12JYfj7faUQW4qzOpDRA==
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
x-cdn: Imperva
x-content-type-options: nosniff
x-iinfo: 5-105865085-105841998 2NNN RT(1710446059066 3775) q(0 0 0 15) r(5 5)
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 14 Mar 2024 19:54:22 GMT
Location: https://takeaction.sandyhookpromise.org/a/foundation
Server: CloudFront
Via: 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront)
X-Amz-Cf-Id: gqa-z2d1IPeCuQjpgvWA33j5Gu2skk-k-eFTISkjBp3rKGqB5mwo1Q==
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Redirect from cloudfront

GET
H2 200 at.js Show response
static.everyaction.com/ea-actiontag/ 843 KB
237 KB 216ms
46ms Script
application/javascript 2600:9000:2490:6800:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.js
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 61dbcbef97240ee8e715b49b761817ae239fd06f8786d8c4f3b1d57e8a36d2c3

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:37:50 GMT
content-encoding: gzip
via: 1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 18994
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 241668
last-modified: Tue, 12 Mar 2024 14:37:28 GMT
server: AmazonS3
etag: "9273b9132f4fc9f01f3018af1e1f7f9b"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: z7HPCtihkoo5SgGptbae9pR1ZB22qh1_J_LZaNAPa4nBwYnLRnEyaw==

GET
H2 200 at.min.css
static.everyaction.com/ea-actiontag/ 59 KB
12 KB 138ms
44ms Stylesheet
text/css 2600:9000:2490:6800:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/at.min.css
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5c974f1e5d7bbff53628c97444ed7201fd2e60f802096fe97dcb8bb88b92165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 03:17:34 GMT
content-encoding: gzip
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 59810
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 11704
last-modified: Tue, 12 Mar 2024 14:37:28 GMT
server: AmazonS3
etag: "9145c1834d4c50ce8964c2b6b23d92eb"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: SugSuSosCqOTSa4B_NV8dI5VXJBnm0SovNx1_DfinDjfZ0v896dHxw==

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
917 B 136ms
50ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32eeeddefc8acfe73216a65d418ccb1daf74c75fe91b53d8da9e3e84a66467b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 19:54:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 19:54:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Mar 2024 19:54:23 GMT

GET
H/1.1 200
OK main.js Show response
missionwired.s3.amazonaws.com/everyaction-upsell/prod/ 6 KB
6 KB 392ms
140ms Script
application/javascript 54.231.232.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://missionwired.s3.amazonaws.com/everyaction-upsell/prod/main.js
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.232.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c2361b92ee7c501d8cbacb3e232d9a26ab07bd596b2fffad905c034aa17a21ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 19:54:24 GMT
x-amz-version-id: null
Last-Modified: Fri, 03 Nov 2023 19:55:52 GMT
Server: AmazonS3
x-amz-request-id: S2TFZFGF8WXG8R2K
ETag: "722d3a69cbd3d3f2b7a02d28d3d882cd"
x-amz-server-side-encryption: AES256
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 6127
x-amz-id-2: 63bzvcbPMgZ3Qn9CHB1s+USkhp0xL5PbsLvYD7vALbxCzj4b1N3Lf3lDX4LNjMA+V6mS11IeKGM=

GET
H/1.1 200
OK logo.png
nvlupin.blob.core.windows.net/images/van/SHPRO/SHPRO/1/92586/images/ 97 KB
97 KB 803ms
409ms Image
image/png 20.60.58.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nvlupin.blob.core.windows.net/images/van/SHPRO/SHPRO/1/92586/images/logo.png
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.60.58.97 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1c362bf1f46b8bc0b2e9c3f36bc85bd580e9ba0956903f0e52d5a2ba0c044d0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Thu, 14 Mar 2024 19:54:23 GMT
Last-Modified: Thu, 30 Sep 2021 23:27:38 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
ETag: 0x8D98469E425D47B
Content-Type: image/png
Access-Control-Allow-Origin: *
x-ms-request-id: 89f3bddf-201e-001f-0b49-76f455000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 98960

GET
H/1.1 200
OK profile-PLATINUM2022-seal.png
prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/ 1 KB
2 KB 426ms
319ms Image
image/png 45.223.139.238
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/profile-PLATINUM2022-seal.png
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.139.238 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 87927a182d2e1f6218aa17809f813095a64921c1e70f80d7dfe81c4f9d30dc8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 19:54:23 GMT
Last-Modified: Wed, 01 Feb 2023 16:44:41 GMT
X-CDN: Imperva
Etag: 0x8DB04739DB0F409
Content-Type: image/png
X-Iinfo: 10-21972603-21960029 2cNN RT(1710446062618 79) q(0 2 2 195) r(3 3) U18
Cache-Control: max-age=300, public
x-incap-sess-cookie-hdr: F5a6Sn08TReboA4ycrF/Ae5V82UAAAAAcQrzYtjNBGLE6VAyaI3OJQ==
Content-Length: 1519
Expires: Thu, 14 Mar 2024 19:59:23 GMT

GET
H/1.1 200
OK four-star.png
prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/ 14 KB
15 KB 209ms
162ms Image
image/png 45.223.139.238
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/four-star.png
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.139.238 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a962d7d17cfa096734d22cb537749f58472cad0800905117de2d07711707f3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 19:54:23 GMT
Last-Modified: Wed, 01 Feb 2023 16:45:15 GMT
X-CDN: Imperva
Etag: 0x8DB0473B1DE784F
Content-Type: image/png
X-Iinfo: 10-21972603-21965139 2cNN RT(1710446062618 411) q(0 0 0 6) r(0 0) U18
Cache-Control: max-age=300, public
x-incap-sess-cookie-hdr: R0DbOSAEACSboA4ycrF/Ae9V82UAAAAAnF6tnrXaKJ9LfUJaBeq9lw==
Content-Length: 14474
Expires: Thu, 14 Mar 2024 19:59:23 GMT

GET
H/1.1 200
OK 2022-top-rated-awards-badge-embed.png
prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/ 18 KB
19 KB 276ms
192ms Image
image/png 45.223.139.238
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod.cdn.everyaction.com/images/van/SHPRO/SHPRO/1/92586/images/2022-top-rated-awards-badge-embed.png
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 45.223.139.238 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 58d84748e5e3ec410c419f02f51bf0a66b0764b71751e5272a72b8047cd73fc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Thu, 14 Mar 2024 19:54:23 GMT
Last-Modified: Wed, 01 Feb 2023 16:45:45 GMT
X-CDN: Imperva
Etag: 0x8DB0473C3A87511
Content-Type: image/png
X-Iinfo: 9-19104908-19093504 2cNN RT(1710446062997 57) q(0 0 0 7) r(1 1) U18
Cache-Control: max-age=300, public
x-incap-sess-cookie-hdr: wGVkAX6QuXqboA4ycrF/Ae9V82UAAAAAg8hgWmGPCcqm6UJyk6gXiA==
Content-Length: 18937
Expires: Thu, 14 Mar 2024 19:59:23 GMT

GET
H/1.1 200
OK vgs-collect.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/ 134 KB
44 KB 438ms
330ms Script
application/javascript 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: jfBMjoXBTwBLxrf4sD.h_N_F9QJn5gdY
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 19:54:18 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 7
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:55 GMT
Server: AmazonS3
ETag: W/"156be461dd96d02fce3792c020f7748a"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: FdTs0VFLUIZ7ByPbDuVzuT8V7m0APE0kRq6118BQqrylmjSeIDp1xQ==

GET
H2 200 _Incapsula_Resource Show response
takeaction.sandyhookpromise.org/ 148 KB
21 KB 69ms
68ms Script
application/javascript 13.32.27.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://takeaction.sandyhookpromise.org/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1154960106
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-27.fra56.r.cloudfront.net
Software: /
Resource Hash: abddb998edc744d36888878493f9dfa2300a4a85f31516a0c7ed612f09de113a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/a/foundation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:23 GMT
content-encoding: gzip
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21284
x-amz-cf-id: oWgXBMOxbIO2BGZTZDZieWjgeSoyUKdKWcZ8PA1HSvySZ7AJFQoKXQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 334 KB
106 KB 205ms
117ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NVMNP3J

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

65dc78ce3ebea14300b4e4932517c45fefed0f21684eb08cc16ec2c5445736ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108411
x-xss-protection: 0
last-modified: Thu, 14 Mar 2024 18:54:38 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Mar 2024 19:54:24 GMT

GET
H2 200 w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2
fonts.gstatic.com/s/varelaround/v13/ 14 KB
14 KB 192ms
104ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/varelaround/v13/w8gdH283Tvk__Lua32TysjIfp8uPLdshZg.woff2

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Origin: https://takeaction.sandyhookpromise.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 13:12:13 GMT
x-content-type-options: nosniff
age: 110531
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14172
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 17:04:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Mar 2025 13:12:13 GMT

GET
H2 200 ai.2.min.js Show response
az416426.vo.msecnd.net/scripts/b/ 120 KB
47 KB 260ms
40ms Script
text/javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CFD) /
Resource Hash: 19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-07 00:07:47
content-md5: 2+CVLpI/+n4/WqDrTExBWA==
age: 345
x-cache: HIT
x-ms-meta-aijssdksrc: [cdn]/scripts/b/ai.2.8.17.min.js
content-length: 48042
x-ms-lease-status: unlocked
last-modified: Wed, 14 Feb 2024 19:25:27 GMT
server: ECAcc (frc/4CFD)
x-ms-meta-aijssdkver: 2.8.17
etag: 0x8DC2D92B347C0C9
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 9768a7e0-301e-0029-6548-767aab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800, immutable, no-transform
x-ms-version: 2009-09-19
expires: Thu, 14 Mar 2024 20:24:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 288 KB
95 KB 78ms
78ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVMNP3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

10f8569426539490b11e5c73de111da0ff06319e6218c6a5bc3bc53cf7e049e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Mar 2024 19:54:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 185ms
96ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NVMNP3J

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 14 Mar 2024 19:38:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 942
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 14 Mar 2024 21:38:42 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 216 KB
58 KB 320ms
103ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Mar 2024 19:54:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57631
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=2, c=11, mss=1294, tbw=2784, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: 0adltO3x9jlV1G2xSH/kkTsOLVVMacG6fSHNJa3t8HXJYRMRWK/gcepdIIweYuy7+dz5z/tm7lHiW7RCpa94Zw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 141ms
45ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220061-FRA

GET
H/1.1 200
OK spx Show response
dx.mountain.com/ 16 KB
5 KB 491ms
123ms Script
application/javascript 44.209.137.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=36016&tdr=&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&cb=76894711649110820term=value
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.137.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-137-118.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: a6d3c586a481bb94e56dbec5d8e65be67cf23e1a7d0887ab7c17e720dd3f335b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
x-envoy-upstream-service-time: 4
be: spx-prod
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ping.min.js Show response
pixel.byspotify.com/ 32 KB
7 KB 140ms
47ms Script
application/javascript 34.117.162.98
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.byspotify.com/ping.min.js
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.162.98 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 98.162.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 18:55:11 GMT
content-encoding: gzip
via: 1.1 google
age: 3553
x-guploader-uploadid: ABPtcPpQe6TGZKISYuKIN1R6A0Phy58SXTJZOZbPUXnWtOiQ--4BnQ8nl3cI3VPwLPb4_id_zKsujiwqog
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6158
last-modified: Wed, 11 Oct 2023 19:00:35 GMT
server: UploadServer
etag: "13069f74108a788c598831c3a4ff2cdf"
vary: Accept-Encoding
x-goog-generation: 1697050835633914
x-goog-hash: crc32c=We0+rw==, md5=EwafdBCKeIxZiDHDpP8s3w==
content-type: application/javascript;
cache-control: public, max-age=3600
x-goog-stored-content-length: 6158
accept-ranges: bytes
expires: Thu, 14 Mar 2024 19:55:11 GMT

GET
H2 200 hotjar-2063953.js Show response
static.hotjar.com/c/ 9 KB
4 KB 163ms
76ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2063953.js?sv=6

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

2a761ff64d36197e203c448bf2c1a3bc28e3c66beb95613fd3eea0a0712c817d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Mar 2024 19:54:24 GMT
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/3c1cda5166035b88e8f27e29276b5e89
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 79rN3RvFeJq51t61s6e1q-2Tzq7997ekVRYKCXhsTvmTvzb3Y-KAVA==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 316ms
219ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=97409b3c-a2b0-4732-b18b-a6d5e5aa2c8b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3cc3a397-abdc-465d-bfcd-c9e9b26fe3c6&tw_document_href=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny62q&type=javascript&version=2.3.29

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 179
date: Thu, 14 Mar 2024 19:54:24 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 38c27829ce568005
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 8e06b02b7100fcd07fd618982d11093bd1c7109e6687343b2cb685dabecd2cc4
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
396 B 325ms
219ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=97409b3c-a2b0-4732-b18b-a6d5e5aa2c8b&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=3cc3a397-abdc-465d-bfcd-c9e9b26fe3c6&tw_document_href=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny62q&type=javascript&version=2.3.29

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-response-time: 179
date: Thu, 14 Mar 2024 19:54:24 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 2ded31a676cadc83
cache-control: no-cache, no-store, max-age=0
perf: 7469935968
x-connection-hash: 56ffc6bf48a4e990d2ca64c4dd461bb4a7af3e628835e2a67d07492accf0f65c
content-length: 43

POST
H2 204 collect
region1.analytics.google.com/g/ 0
265 B 135ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2&gtm=45je43b0v867856992z8832047205za200&_p=1710446063539&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1684879569.1710446064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1710446064&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&dt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3432
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 143ms
48ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7TKWPVM1K2&cid=1684879569.1710446064&gtm=45je43b0v867856992z8832047205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 164ms
77ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7TKWPVM1K2&cid=1684879569.1710446064&gtm=45je43b0v867856992z8832047205za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&z=63283452

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _Incapsula_Resource
takeaction.sandyhookpromise.org/ 1 B
528 B 56ms
56ms Image
text/plain 13.32.27.27
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://takeaction.sandyhookpromise.org/_Incapsula_Resource?SWKMTFSR=1&e=0.5059835085875577
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-27.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/a/foundation
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
via: 1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/plain
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
x-amz-cf-id: GXKOjteja74mzr3utAGO8Hwglv3tDj4INwCte-jNeX2clQDgsAnNIQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 110ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2&gtm=45je43b0v867856992z8832047205za200&_p=1710446063539&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1684879569.1710446064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=2&sid=1710446064&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&dt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&en=view_item&_et=3&tfd=3458
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.76600994a7e845923464.js Show response
script.hotjar.com/ 222 KB
55 KB 132ms
45ms Script
application/javascript 13.32.27.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.76600994a7e845923464.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2063953.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.54 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-54.fra56.r.cloudfront.net

Software

Resource Hash

fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 113058
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55785
last-modified: Wed, 13 Mar 2024 12:29:47 GMT
etag: "ef9df1813a7be6a9f62fdfc3c4c6965d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 4U0B4o_cecIHvRCTLw6MMVBdVbFyNwJSGhq8CJ72jTw4bJwoqeoqig==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
220 B 49ms
49ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=502829571&t=pageview&_s=1&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&ul=en-us&de=UTF-8&dt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=1221790703&gjid=2108320336&cid=1684879569.1710446064&tid=UA-37619533-1&_gid=713575552.1710446065&_r=1&_slc=1&gtm=45He43d0h2n81NVMNP3Jv832047205za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&npa=1&z=285610492

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 extra.min.css
static.everyaction.com/ea-actiontag/ 78 KB
14 KB 46ms
46ms Stylesheet
text/css 2600:9000:2490:6800:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bde98d03e692205a234f91cd6e3af67e9fe47a2b37fe4460f3dea6953f4f86f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 14:37:47 GMT
content-encoding: gzip
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 18998
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 14169
last-modified: Tue, 12 Mar 2024 14:37:28 GMT
server: AmazonS3
etag: "fb339c13a0237da00bc69c94ca53a865"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=900, s-maxage=86400, public
accept-ranges: bytes
x-amz-cf-id: pS92NA-apoDR-PO0gh0o5mfv9GBZFn67ATsrO7UbSoQtuk5E8sbejg==

GET
H2 200 identity Show response
profile.ngpvan.com/ 72 B
1 KB 547ms
449ms Script
text/javascript 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.ngpvan.com/identity?callback=_jqjsp

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

9195f6dd0830a599d5504294b1416e4d0bb23634e2498195b4cc6412546472a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"48-fp9Z6lYY9EHw/phX/IMFkrHGBTc"
x-powered-by: Express, ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
p3p: CP="NOI ADM DEV PSAi OUR OTRo STP IND COM NAV DEM"
x-iinfo: 11-129112635-129112647 NNNN CT(96 192 0) RT(1710446063608 59) q(0 0 3 2) r(4 4) U24
x-incap-sess-cookie-hdr: HNP1Zdc2uH3u4rASXx78EvBV82UAAAAAKCC4v8Pn9KUqtbKPgD8zfA==
content-length: 195
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 200 / Show response
evnt.byspotify.com/ 2 B
97 B 174ms
173ms Fetch
application/json 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json
Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
via: 1.1 google
access-control-allow-methods: GET, POST
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: false
access-control-allow-headers: Content-Type, Accept
content-length: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H2 200 /
evnt.byspotify.com/ Frame 0
0 279ms
189ms Preflight 34.111.186.1
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://evnt.byspotify.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.186.1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 1.186.111.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://takeaction.sandyhookpromise.org
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 14 Mar 2024 19:54:24 GMT
via: 1.1 google

GET
H2 200 CFfoOsC2EEawfJ_ymTsI7Q2 Show response
secure.everyaction.com/v1/Forms/ 18 KB
7 KB 557ms
456ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/v1/Forms/CFfoOsC2EEawfJ_ymTsI7Q2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

f4d227760bde58fb03ce25b526cc6f8b4c94ce64583849ea80db79f91d44799c

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 7-86665569-86665577 NNNN CT(91 203 0) RT(1710446063621 50) q(0 0 3 0) r(4 4) U18
content-length: 6155
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: zAguNN2Pr2Dy4rASXx78EvBV82UAAAAAvRZLVD5tsaPSK0y1ige1IA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
360 B 56ms
47ms XHR
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37619533-1&cid=1684879569.1710446064&jid=1221790703&gjid=2108320336&_gid=713575552.1710446065&npa=1&_u=YCDACEAABAAAACAAI~&z=513513304

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 14 Mar 2024 19:54:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 162ms
75ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37619533-1&cid=1684879569.1710446064&jid=1221790703&npa=1&_u=YCDACEAABAAAACAAI~&z=1382395234

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 75ms
75ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-37619533-1&cid=1684879569.1710446064&jid=1221790703&npa=1&_u=YCDACEAABAAAACAAI~&z=1382395234

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 2063953 Show response
vc.hotjar.io/sessions/ 0
232 B 521ms
418ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2063953?s=0.25&r=0.13846147617476423
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Mar 2024 19:54:25 GMT
cache-control: no-store
via: 1.1 22b00b5685ee1822efcb3d9e95d3c19a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: QVWmkYtEPfgQB1BL5ynApnzXkyjwVy86BWY-UWLQl9W0W-jftXN_NA==
x-cache: Miss from cloudfront

GET
H2 200 1419151705020810 Show response
connect.facebook.net/signals/config/ 62 KB
13 KB 98ms
98ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1419151705020810?v=2.9.149&r=stable&domain=takeaction.sandyhookpromise.org&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3047633986aedc3e3e18d271a0dca0443e83d510d04d8d3626705504f7ca1ee5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 14 Mar 2024 19:54:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=46, rtx=2, c=62, mss=1294, tbw=62773, tp=-1, tpl=-1, uplat=58, ullat=1
pragma: public
x-fb-debug: QcCjiQEzeBIniOwf4d3v0Y4VPEwrXXn962ke5bc7Py768fIvymYX7ABYVe8zeR/NJnzgPM3llrznXwoyTZQ9GQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK is Show response
54.156.2.105/ 32 B
437 B 830ms
120ms Fetch
text/plain 54.156.2.105
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://54.156.2.105/is
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.156.2.105 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-2-105.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 351c0ee16c0f30a475a8e4cc0916e21e871fbc893d498709a69fb38f9b3e5502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:25 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain;charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 32
x-application-context: application:prod:8080

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 129ms
40ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1419151705020810&ev=PageView&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&rl=&if=false&ts=1710446064836&sw=1600&sh=1200&v=2.9.149&r=stable&ec=0&o=4126&fbp=fb.1.1710446064835.1841406507&cs_est=true&ler=empty&cdl=API_unavailable&it=1710446064724&coo=false&rqm=GET

Requested by

Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=39, rtx=0, c=10, mss=1294, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 14 Mar 2024 19:54:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 nvtag Show response
profile.ngpvan.com/v2/data/NVb4XqTPHiEkvXdZQxl$MXXp/ 2 B
844 B 528ms
449ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://profile.ngpvan.com/v2/data/NVb4XqTPHiEkvXdZQxl$MXXp/nvtag
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.33.183 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / Express, ASP.NET
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-cdn: Imperva
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
x-powered-by: Express, ASP.NET
vary: Origin,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://takeaction.sandyhookpromise.org
x-iinfo: 10-117089652-117089661 NNNN CT(97 197 0) RT(1710446064140 51) q(0 0 3 -1) r(4 4) U24
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: 9639R55EeFru4rASXx78EvBV82UAAAAAQ2Q7YGueOdDIVjQtrmICOA==
content-length: 123
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 46ms
46ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2&gtm=45je43b0v867856992za200&_p=1710446063539&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1684879569.1710446064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEA&_s=3&sid=1710446064&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&dt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&en=scroll&epn.percent_scrolled=90&_et=22&tfd=4042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ddplugin.css
doublethedonation.com/api/css/ 141 KB
13 KB 376ms
122ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/css/ddplugin.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:25 GMT
content-encoding: br
last-modified: Thu, 14 Mar 2024 19:24:17 GMT
server: nginx
etag: "65f34ee1-338d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600;
access-control-allow-credentials: true
content-length: 13197

GET
H2 200 ddplugin.js Show response
doublethedonation.com/api/js/ 444 KB
95 KB 622ms
369ms Script
text/javascript 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/js/ddplugin.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 7fb8434d130b3d8b35626e79607e40a1bf202c380fdcd6455f7739dace7588c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:25 GMT
content-encoding: br
last-modified: Thu, 14 Mar 2024 19:24:16 GMT
server: nginx
etag: "65f34ee0-1796e"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600;
access-control-allow-credentials: true
content-length: 96622

GET
H2 200 identity Show response
fastaction.ngpvan.com/api/v2/ 136 B
877 B 492ms
475ms XHR
application/json 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://fastaction.ngpvan.com/api/v2/identity

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Microsoft-IIS/10.0 / Express, ASP.NET

Resource Hash

37c9bd34a17ccc4a364e4bdc0c73f4e268e77e1e561da2be3ab46e72e4ce1558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubdomains
x-cdn: Imperva
x-powered-by: Express, ASP.NET
p3p: CP="NOI ADM DEV COM NAV OUR STP"
x-iinfo: 11-129112635-129112722 NNNN CT(103 225 0) RT(1710446063608 536) q(0 0 3 7) r(4 4) U4
content-length: 252
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
server: Microsoft-IIS/10.0
etag: W/"88-oAe1gippT6kZifqDcykoDkVfMSo"
vary: Accept-Encoding,Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: 0H2JamRULw+f5LASXx78EvBV82UAAAAA7SK5SuRyFN9jCS7z0XInAQ==

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 08A0 158 KB
51 KB 128ms
49ms Document
text/html 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 14 Mar 2024 19:54:25 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront), 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
X-Amz-Cf-Id: A7zeAwkWTspJI7F_KqhtCIxESnSeXAj2F0QZLj76u6K9E76LEnWIWA==
X-Amz-Cf-Pop: FRA56-P12 FRA60-P8
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 59ms
58ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://takeaction.sandyhookpromise.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 02:38:45 GMT
x-content-type-options: nosniff
age: 234940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 02:38:45 GMT

GET
H2 200 S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 24 KB
24 KB 82ms
81ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://takeaction.sandyhookpromise.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Mon, 11 Mar 2024 14:29:57 GMT
x-content-type-options: nosniff
age: 278668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24408
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:14:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Mar 2025 14:29:57 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,400;0,700;1,100;1,400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://takeaction.sandyhookpromise.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:00:39 GMT
x-content-type-options: nosniff
age: 212026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 09:00:39 GMT

GET
H2 200 intlTelInput.min.css
d3rse9xjbp8270.cloudfront.net/assets/styles/ 19 KB
20 KB 198ms
83ms Stylesheet
text/css 2600:9000:2251:da00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/styles/intlTelInput.min.css
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:da00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 22:28:58 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 18:06:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 77128
etag: "7e7462900c78bbf73c9dfde6c0b617fc"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
accept-ranges: bytes
content-length: 19755
x-amz-cf-id: wbXT5gPKPkgr9ZHlRVeMdy8AFJHzkz5qrm83COAUnLMUVPXuT1Z_pQ==

GET
H2 200 intlTelInput.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 87 KB
21 KB 250ms
135ms Script
application/javascript 2600:9000:2251:da00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intlTelInput.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:da00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 13:32:41 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 541305
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 20855
last-modified: Tue, 11 Apr 2023 14:36:04 GMT
server: AmazonS3
etag: "0d84f90a2a517cacd498722e0fe0500e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: wCZKaBGRdvxYE2mQ85NYThh9be6uBfHxsxZ1c6CJy2qD146QKtXOPA==

GET
H2 200 intl-tel.input.utils.js Show response
d3rse9xjbp8270.cloudfront.net/assets/js/ 245 KB
55 KB 200ms
86ms Script
application/javascript 2600:9000:2251:da00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/js/intl-tel.input.utils.js
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:da00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 11:41:13 GMT
content-encoding: gzip
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 4003993
x-cache: Hit from cloudfront
content-length: 56004
last-modified: Tue, 12 Apr 2022 14:32:46 GMT
server: AmazonS3
etag: "4b9bf850ee4aa76202eb0e6f5948bfa8"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: waQ8St1t_OzFlTmRm65fi4y_H0XtCVJtMppket61OUvw3HiIEQVedw==

GET
DATA 200
OK truncated
/ 784 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 cc.png
static.everyaction.com/ea-actiontag/assets/images/ 3 KB
4 KB 40ms
40ms Image
image/png 2600:9000:2490:6800:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/cc.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/extra.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/extra.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Sun, 09 Jul 2023 11:51:56 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 21542550
x-cache: Hit from cloudfront
content-length: 3392
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "294b44fc8703a45684537d51e363c045"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: BWf7IOr6PM-WoIJpV4FHDoS76s1QpfxdyMXX3D08dXM28fAYeO4Duw==

GET
H2 200 paypal-logo.png
static.everyaction.com/ea-actiontag/assets/images/ 3 KB
3 KB 41ms
41ms Image
image/png 2600:9000:2490:6800:3:1d53:4780:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.everyaction.com/ea-actiontag/assets/images/paypal-logo.png
Requested by: Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:6800:3:1d53:4780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.everyaction.com/ea-actiontag/at.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 21:27:43 GMT
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
age: 6042403
x-cache: Hit from cloudfront
content-length: 2778
last-modified: Tue, 07 Dec 2021 15:33:44 GMT
server: AmazonS3
etag: "459c51e4e024db4720b62513d12edb6a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: 7GLbZ6UpDW5KH_jsZiYj_JrtIRZ5B8ggcc3LVIBvI5cqvJ0_JOH_vA==

GET
H2 200 CFfoOsC2EEawfJ_ymTsI7Q2 Show response
secure.everyaction.com/PayPalClientToken/ 2 KB
2 KB 570ms
570ms XHR
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.everyaction.com/PayPalClientToken/CFfoOsC2EEawfJ_ymTsI7Q2

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

ef8cd90a115716a8a878157a334a07a3da83fd4d2b2af318ada6e38b3600c276

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-cdn: Imperva
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-iinfo: 7-86665569-78556577 2NNN RT(1710446063621 544) q(0 0 0 -1) r(5 5)
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3
vary: Origin,Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-expose-headers: Request-Context
cache-control: public, max-age=10
access-control-allow-credentials: true
x-incap-sess-cookie-hdr: JpGjbakfdQby4rASXx78EvBV82UAAAAAYdvRFCAH2WYUC00cLDCLIQ==

GET
H2 200 CFfoOsC2EEawfJ_ymTsI7Q2
secure.everyaction.com/v1/Track/ 0
214 B 153ms
152ms Image
text/plain 45.60.33.183
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.everyaction.com/v1/Track/CFfoOsC2EEawfJ_ymTsI7Q2?formSessionId=a26d0d48-5757-4cb1-98a2-ff0e3ffc56fd&bName=chrome&dType=desktop&formVersion=3/13/2024%203:33:54%20PM|11/17/2023%2011:25:31%20PM&fUrl=aHR0cHM6Ly90YWtlYWN0aW9uLnNhbmR5aG9va3Byb21pc2Uub3JnL2EvZm91bmRhdGlvbg%3D%3D&fRef=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.33.183 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: -1
pragma: no-cache
date: Thu, 14 Mar 2024 19:54:24 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
x-cdn: Imperva
x-frame-options: SAMEORIGIN
x-iinfo: 7-86665569-86665577 PNNN RT(1710446063621 553) q(0 0 0 -1) r(1 1) U2
access-control-expose-headers: Request-Context
cache-control: no-cache
x-incap-sess-cookie-hdr: JxqwAhWDHS7y4rASXx78EvBV82UAAAAAOfEe7pCQguc6aszgG4hdKw==
content-length: 0
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:ccd92c0b-19c7-485c-b607-cbfe2344efa3

GET
H2 200 paypal-logo.png
d3rse9xjbp8270.cloudfront.net/assets/images/ 3 KB
3 KB 227ms
138ms Image
image/png 2600:9000:2251:da00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/paypal-logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:da00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 13:08:36 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 6849950
x-cache: Hit from cloudfront
content-length: 2778
last-modified: Thu, 03 Oct 2019 17:12:45 GMT
server: AmazonS3
etag: "459c51e4e024db4720b62513d12edb6a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000
accept-ranges: bytes
x-amz-cf-id: nTiipTN0jFIXNlCquoD7r0u3nh1QX-jOvX5cS5iN4NwKfWZohTpSNw==

GET
H2 200 fast-action.svg
d3rse9xjbp8270.cloudfront.net/assets/images/ 9 KB
9 KB 173ms
84ms Image
image/svg+xml 2600:9000:2251:da00:12:303c:8700:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3rse9xjbp8270.cloudfront.net/assets/images/fast-action.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:da00:12:303c:8700:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 08:34:28 GMT
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 40887
x-cache: Hit from cloudfront
content-length: 9203
last-modified: Wed, 08 Jan 2020 18:06:45 GMT
server: AmazonS3
etag: "babd47dc25531a9faeadc04f1afa1910"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: 0VYQOZO4yTsU7zHZ2McRF3kEHqVQNBLwbZGNRDLf_yMvFbBv73s3OA==

OPTIONS
H2 204 track
dc.services.visualstudio.com/v2/ Frame 0
0 295ms
84ms Preflight 20.50.88.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sdk-context
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 3600
date: Thu, 14 Mar 2024 19:54:24 GMT
server: Microsoft-HTTPAPI/2.0
strict-transport-security: max-age=31536000

POST
H2 200 track Show response
dc.services.visualstudio.com/v2/ 96 B
200 B 161ms
161ms XHR
application/json 20.50.88.244
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

20.50.88.244 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 /

Resource Hash

f2bb4dee376206d9d121ca5f5d956e7953a0b7f7380095c59c367ef8a87b7178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-type: application/json

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
date: Thu, 14 Mar 2024 19:54:24 GMT
x-content-type-options: nosniff
server: Microsoft-HTTPAPI/2.0
content-type: application/json; charset=utf-8

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9BA8 158 KB
51 KB 205ms
124ms Document
text/html 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 14 Mar 2024 19:54:25 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront), 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront)
X-Amz-Cf-Id: ykqnBjBNIjI7kXJU668AGqXeUmi31FIEHdy-okp_UBAnS8qtFYfgVA==
X-Amz-Cf-Pop: FRA56-P12 FRA60-P8
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK index.html Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9CBC 158 KB
51 KB 168ms
88ms Document
text/html 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/vgs-collect.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=60
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 14 Mar 2024 19:54:25 GMT
ETag: W/"891d22e58a2927b43f5ab135e7bdaa88"
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 392cb865edfd76152c5ac655614b2f60.cloudfront.net (CloudFront), 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
X-Amz-Cf-Id: OF-sCfH7IZkXM09NXuz0iub8vLaNV9p4IjGre1uVwpTw731w2G0bgw==
X-Amz-Cf-Pop: FRA56-P12 FRA60-P8
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256
x-amz-version-id: D5Am0ac.4Bfz1LEHZRvgk67rZFGuM9PD

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 08A0 331 KB
107 KB 46ms
46ms Script
application/javascript 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 19:53:43 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 59
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: SUaVNv3eSwyU8DHKZlSP3zaTJw9232NLsaY5rtujf7x5hy5FmCQJrA==

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9CBC 331 KB
107 KB 48ms
47ms Script
application/javascript 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 19:53:43 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 59
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: BRPV5s6JA1LsDOs3zAyfTq0dVn21UcumD3RViU6oYZlylRcfntKreA==

GET
H/1.1 200
OK application.909e2f5f9100accd006e.modern.js Show response
js.verygoodvault.com/vgs-collect/2.18.4/lib/ Frame 9BA8 331 KB
107 KB 46ms
46ms Script
application/javascript 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f

Request headers

Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
Origin: https://js.verygoodvault.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: bFbwHKJMSq_P8gXZB7NkRn9e60aeznRH
Content-Encoding: gzip
Via: 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 19:53:43 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 59
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 16 Mar 2023 10:29:57 GMT
Server: AmazonS3
ETag: W/"55ba8f4f8f5789d1d6f863f100a30e86"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
X-Amz-Cf-Id: FIvEzrV4rLUYVL09k_4CL1nD1NpP8EwtT_O1jvK7GtNpxLYU0xHQwQ==

GET
DATA 200
OK truncated
/ Frame 9BA8 557 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK visa.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
1 KB 40ms
39ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: H.lNoG4vwL1ej33_03.Q4hw1WNRfkp4C
Content-Encoding: gzip
Via: 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 04:00:48 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 57218
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"bf0e3c7ebdd4f91c9ef36fefa89822e9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: HV7cCic5nrsf1iYBeB0YcOmHcPmClsAGRNEy_rEi7j9n0q1AH4Xhvg==

GET
H/1.1 200
OK visa-electron.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
2 KB 42ms
41ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/visa-electron.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: MgNF_FMVP1IvFHrPIq8AALFoZu_j7TtV
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 05:44:34 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 56018
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"c962f159de73e843c20331630bc3cd07"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 6ZzzsfTdRk-jS_-UTk1BmmT51cyomYrIfpNrv6uHsg4NgQ25ZjnqvA==

GET
H/1.1 200
OK amex.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
1 KB 41ms
39ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/amex.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: ItVZhXC517ZMCtDQ0ErslqkZpDw4TP_K
Content-Encoding: gzip
Via: 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 01:34:28 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 66891
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"d76aac2504772a3c74494f11fd18d87f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: cZfXTGpn9ExL2Gn8etNg5Fm9LkjAuN7k-GyUoBmdhX2hdvAl7F-P7w==

GET
H/1.1 200
OK maestro.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
4 KB 83ms
40ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/maestro.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 1_p31LpzRSjwSiLiTYV71TUVe9IpUn9e
Content-Encoding: gzip
Via: 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 02:38:17 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 66519
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"3625c25fe4e71c0daa524694d3b3d2e2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: iVlAu78SimV-7XiX2XI9oVWsXdYCKlF6WRYVrl3O9yH_qqiKmv-C2g==

GET
H/1.1 200
OK mastercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
1 KB 82ms
39ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/mastercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: PU9xtdz3b.d2kDLc5M1BB7mi5YpUwVDj
Content-Encoding: gzip
Via: 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 04:46:37 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 54492
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"8baef8cd0813bb42fe4bd99adf195035"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: s1K-McdputM7TOtcs5wPdXZtNPqUSPrOc-twc0DweuVzV2ORgDjy_Q==

GET
H/1.1 200
OK unionpay.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
5 KB 83ms
41ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/unionpay.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: G6Y4bx8_pMrmOjFIicD1hgmIdROiurIv
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 04:13:38 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 56448
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"01249c1708efa3c5c18a35778f20207b"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: w_6KCSwJRoiN0dVCf937mSegFkVF66GlN_dy5pX4Fy_NuLiYPprUbA==

GET
H/1.1 200
OK meeza.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
7 KB 75ms
39ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/meeza.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: fIKvFE1HubfUWhiWGE6EdQYTnLAnJ9MH
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 07:36:17 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 44297
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"07e73ffeb1e07b87f158e34e9900bd96"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: YqAK_R3_K8q17krzsjutYVMH7tn00coaVJSQIuLhQBmklj7YXk3TrA==

GET
H/1.1 200
OK jcb.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
2 KB 76ms
40ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/jcb.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: QmKwMQRUu5GGnar6U1.XDYKwXr9GTt4E
Content-Encoding: gzip
Via: 1.1 7011da69940360ddebc87f61490ffecc.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 04:43:25 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 54670
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"afc9c9bd9dd25718d84aa1b295e3cd4f"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: PAdqTUtV6bQxFLTD2P1NKnHiYPL-zper1gshTfMT8PwmRcElBUbKBg==

GET
H/1.1 200
OK hipercard.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
3 KB 78ms
41ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/hipercard.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: wESZZuki93YD2Y88rRKC5LDYBxi8XywO
Content-Encoding: gzip
Via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 05:16:31 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 52675
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39424aebb87e84c688d70ebf51e5cec6"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: BPKjUkAZEE3lrpsKksTHX6p59otgOaoBaAB88DgbUAShJMD7YfXHVw==

GET
H/1.1 200
OK forbrugsforeningen.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
2 KB 40ms
39ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/forbrugsforeningen.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: iffR3o1DDLBtfD6DUK07BGzKAQQ9SkB1
Content-Encoding: gzip
Via: 1.1 e2239bbca97bdb08942ca2cd020caca8.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 04:10:06 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 56660
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"0e30901c80583be81a54ad19e75340a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: eET-B886tpaOIb9TrnKnZ64BuMTqIeVJXCeXEvAh7Rb-KbeTUg-3yA==

GET
H/1.1 200
OK elo.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
2 KB 41ms
41ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/elo.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: SZ2jJtdJs0WLGiaIwIjXub4ID5pKkMH_
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 03:59:12 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 57314
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"2819c6f92cfc42b73058a840aba885a7"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: UiuFIsWx3Kfm5uzyXzau6vw7te44JwhBKbtGN0XmcXE3lhwXand-bA==

GET
H/1.1 200
OK discover.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
2 KB 40ms
40ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/discover.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: 47gYKG16RG7X_h0fKEEIboeS2mmCMeYz
Content-Encoding: gzip
Via: 1.1 ee44697df8ff7fee1512bec7b4da5368.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 04:59:05 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 53744
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5bd5bab591da0ad8f328376e0f9ebe29"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: x4fawHncldHSwIpAlT9kL2aX_cghT_k0iqz-5vdz9qKgJ1FOU8tq6w==

GET
H/1.1 200
OK diners-club.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
1 KB 40ms
40ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/diners-club.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: GmZUrCmUOwT9x.EL1h3aTKcLFhZAn.Ls
Content-Encoding: gzip
Via: 1.1 58e9d1f8f21a3575fa58a14f7f39c636.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 05:06:37 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 53269
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"39a2c40eee9103f96fab5bc8d3dbbeb8"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: PK735CqT_v0wKd-YrsjkHJp94fsix93A8xMgZpBdiJGHoN8lFUio3g==

GET
H/1.1 200
OK dankort.svg
js.verygoodvault.com/vgs-collect/icons/ Frame 9BA8 0
1 KB 39ms
39ms Other
image/svg+xml 18.172.112.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.verygoodvault.com/vgs-collect/icons/dankort.svg
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.172.112.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-172-112-109.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: L7PgpoDJdtbcwmCNdHkqIlTpNlkZVtdK
Content-Encoding: gzip
Via: 1.1 65f647a85e0d39dc9a468588d0d66886.cloudfront.net (CloudFront)
Date: Thu, 14 Mar 2024 03:18:21 GMT
X-Amz-Cf-Pop: FRA60-P8
Age: 59790
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Tue, 16 Feb 2021 23:07:16 GMT
Server: AmazonS3
ETag: W/"5a58f174478046c4d7105db80bb660f0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: X6vzkF5k33qgcmOlTk2l4uhjmFoObyUo1KJwS0Wy_1ghk6LEz9G3dg==

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
2 KB 835ms
210ms Script
application/javascript 52.89.99.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1684879569.1710446064&shpt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221684879569.1710446064%22%2C%22shpt%22%3A%22Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence%22%2C%22dcm_cid%22%3A%221710446064.1%22%2C%22dcm_gid%22%3A%22713575552.1710446065%22%2C%22mntnis%22%3A%22cRjOemTRUJs8JItXuLR0oReoJheiN84j%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1710446064.1&dcm_gid=713575552.1710446065&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221710446064%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&cb=76894711649110820term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue
Requested by: Host: dx.mountain.com
URL: https://dx.mountain.com/spx?dxver=4.0.0&shaid=36016&tdr=&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&cb=76894711649110820term=value
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.89.99.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-99-220.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 8e41def4e7d37805de7577acfd2c7d7d4a52cc785eeef70787dacbd971837060

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:26 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 1
connection: close

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 134ms
44ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://takeaction.sandyhookpromise.org
access-control-max-age: 1800
date: Thu, 14 Mar 2024 19:54:25 GMT
paypal-debug-id: ba7e373facb54
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

POST
H2 200 graphql Show response
payments.braintree-api.com/ 1 KB
1 KB 450ms
449ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

ecd12a647323543a854931f58cab35fa8b6b2d7cab0b1110b12b8df8703f46a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE3MTA1MzI0NjUsImp0aSI6IjU1YzU2ZjRmLTZkMTctNGY2NS04OTQyLTFiZjFmMzZhNmQ1ZiIsInN1YiI6Ijg5OGg2bmdocXk1cTR6cjUiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Ijg5OGg2bmdocXk1cTR6cjUiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnt9fQ.sLHKwLc0kRIZ1MWkGc6_qNop7GBihahKlaKTWRUNlB_TKq315Fg-vuYvaBclLVG_BLAft4Rri8jCQziIteTVHw
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://takeaction.sandyhookpromise.org
paypal-debug-id: 3d8addacc4c24
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 676

GET
H2 200 fontello.css
doublethedonation.com/api/fontello/css/ 6 KB
2 KB 606ms
606ms Stylesheet
text/css 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://doublethedonation.com/api/fontello/css/fontello.css
Requested by: Host: doublethedonation.com
URL: https://doublethedonation.com/api/css/ddplugin.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: 80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://doublethedonation.com/api/css/ddplugin.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:25 GMT
content-encoding: br
last-modified: Thu, 14 Mar 2024 19:22:26 GMT
server: nginx
etag: W/"65f34e72-18f3"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600;
access-control-allow-credentials: true

OPTIONS
H/1.1 200
OK 898h6nghqy5q4zr5
client-analytics.braintreegateway.com/ Frame 0
0 174ms
41ms Preflight 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Mar 2024 19:54:26 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

OPTIONS
H/1.1 200
OK 898h6nghqy5q4zr5
client-analytics.braintreegateway.com/ Frame 0
0 175ms
43ms Preflight 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Mar 2024 19:54:26 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK 898h6nghqy5q4zr5 Show response
client-analytics.braintreegateway.com/ 0
366 B 42ms
41ms XHR
text/plain 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 14 Mar 2024 19:54:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 898h6nghqy5q4zr5 Show response
client-analytics.braintreegateway.com/ 0
366 B 42ms
42ms XHR
text/plain 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 14 Mar 2024 19:54:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.44.2/html/ Frame 732D 8 KB
3 KB 177ms
44ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.44.2/html/dispatch-frame.min.html

Requested by

Host: static.everyaction.com
URL: https://static.everyaction.com/ea-actiontag/at.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD8) /

Resource Hash

dedad191cb087f16bc09a89edac8df890dc2a66cec61a3d84f721bedf51df21c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://takeaction.sandyhookpromise.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=86400, s-maxage=31536000, public,max-age=3600
content-encoding: gzip
content-length: 3029
content-type: text/html
date: Thu, 14 Mar 2024 19:54:26 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"61b298eb-1e9d"
expires: Fri, 15 Mar 2024 19:54:26 GMT
last-modified: Fri, 10 Dec 2021 00:01:47 GMT
paypal-debug-id: 49fa6d4abad9d
server: ECAcc (frc/4CD8)
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
traceparent: 00-000000000000000000049fa6d4abad9d-d483eb4dae23b6c4-01
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff

OPTIONS
H/1.1 200
OK 898h6nghqy5q4zr5
client-analytics.braintreegateway.com/ Frame 0
0 171ms
42ms Preflight 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Mar 2024 19:54:26 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK 898h6nghqy5q4zr5 Show response
client-analytics.braintreegateway.com/ 0
366 B 44ms
44ms XHR
text/plain 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 14 Mar 2024 19:54:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 plugin_settings Show response
doublethedonation.com/api/v1/ 660 B
544 B 375ms
126ms XHR
application/json 23.96.109.67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://doublethedonation.com/api/v1/plugin_settings?customer_id=hS2fpcymceyXGH4n

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.96.109.67 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx /

Resource Hash

e055d32dc45811798f46a791390be0a2cb073b0c1a09fe16c3b6ba2b584b0bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:26 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-encoding: br
server: nginx
x-frame-options: sameorigin
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/json; charset=utf-8
access-control-allow-credentials: true

POST
H2 200 vgs Show response
vgs-collect-keeper.apps.verygood.systems/ Frame 08A0 0
111 B 365ms
118ms XHR
text/plain 3.219.226.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://vgs-collect-keeper.apps.verygood.systems/vgs
Requested by: Host: js.verygoodvault.com
URL: https://js.verygoodvault.com/vgs-collect/2.18.4/lib/application.909e2f5f9100accd006e.modern.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.226.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-226-109.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.verygoodvault.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.verygoodvault.com
date: Thu, 14 Mar 2024 19:54:26 GMT
x-powered-by: Express
content-length: 0
vary: Origin

OPTIONS
H/1.1 200
OK 898h6nghqy5q4zr5
client-analytics.braintreegateway.com/ Frame 0
0 69ms
41ms Preflight 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://takeaction.sandyhookpromise.org
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Thu, 14 Mar 2024 19:54:26 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK 898h6nghqy5q4zr5 Show response
client-analytics.braintreegateway.com/ 0
366 B 44ms
44ms XHR
text/plain 3.69.121.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://client-analytics.braintreegateway.com/898h6nghqy5q4zr5

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/b/ai.2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.121.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-121-132.eu-central-1.compute.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://takeaction.sandyhookpromise.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

Date: Thu, 14 Mar 2024 19:54:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD, POST, OPTIONS
Access-Control-Allow-Origin: https://takeaction.sandyhookpromise.org
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H/1.1 200
OK gs Show response
gs.mountain.com/ 144 B
733 B 1135ms
213ms Script
application/javascript 35.81.162.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gs.mountain.com/gs
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.81.162.201 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-81-162-201.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 9902c9bc412249e3fc6b9e5e9df5527049f6cfd9d4aea87dcc86c4c810869fc0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:27 GMT
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
x-envoy-upstream-service-time: 1
connection: close
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
content-length: 144
x-application-context: application:prod:8080

GET
H/1.1 200
OK st Show response
px.mountain.com/ 2 KB
1 KB 864ms
222ms Script
application/javascript 52.89.99.220
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://px.mountain.com/st?ga_tracking_id=G-7TKWPVM1K2&ga_client_id=1684879569.1710446064&shpt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22G-7TKWPVM1K2%22%2C%22ga_client_id%22%3A%221684879569.1710446064%22%2C%22shpt%22%3A%22Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence%22%2C%22dcm_cid%22%3A%221710446064.1%22%2C%22dcm_gid%22%3A%22713575552.1710446065%22%2C%22mntnis%22%3A%22cRjOemTRUJs8JItXuLR0oReoJheiN84j%22%2C%22execution_workflow%22%3A%7B%22iteration%22%3A9%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%7D&dcm_cid=1710446064.1&dcm_gid=713575552.1710446065&available_ga=%5B%7B%22id%22%3A%22G-7TKWPVM1K2%22%2C%22sess_id%22%3A%221710446064%22%7D%2C%7B%22id%22%3A%22UA-37619533-1%22%2C%22sess_id%22%3Anull%7D%5D&hardcoded_ga=G-7TKWPVM1K2&dxver=4.0.0&shaid=36016&plh=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue&cb=1710446066411702&shguid=85e20887-0fe9-30eb-b1ef-47f30179c051&shgts=1710446067549
Requested by: Host: takeaction.sandyhookpromise.org
URL: https://takeaction.sandyhookpromise.org/a/foundation
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.89.99.220 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-99-220.us-west-2.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Thu, 14 Mar 2024 19:54:28 GMT
content-encoding: gzip
server: istio-envoy
transfer-encoding: chunked
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
x-envoy-upstream-service-time: 13
connection: close

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 48ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-7TKWPVM1K2&gtm=45je43b0v867856992z8832047205za200&_p=1710446063539&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&cid=1684879569.1710446064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=4&sid=1710446064&sct=1&seg=0&dl=https%3A%2F%2Ftakeaction.sandyhookpromise.org%2Fa%2Ffoundation&dt=Donate%20to%20Help%20Protect%20Children%20From%20Gun%20Violence&en=page_scroll_depth&_et=583&tfd=9042
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7TKWPVM1K2&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://takeaction.sandyhookpromise.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Mar 2024 19:54:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://takeaction.sandyhookpromise.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
takeaction.sandyhookpromise.org/	1970-01-20 19:07:54	Name: SessionKeyCookie Value:
.sandyhookpromise.org/	1970-01-20 21:17:02	Name: _gcl_au Value: 1.1.1409903860.1710446064
takeaction.sandyhookpromise.org/	1970-01-21 03:53:02	Name: ai_user Value: M/ALsuodWXJ/Y0O0wtONcw\|2024-03-14T19:54:24.278Z
takeaction.sandyhookpromise.org/	1970-01-20 19:07:26	Name: ___utmvc Value: DGbSHyd68EcxDO+JbobOANh8IzTxayqj38bs6UmYQb26ycrgoQi4VP1Ta9n9Mgy8I9UQ4n0LA7ZOe0qDATv7UMy3jKKN8HM9Uks3FiD+jCa9VozqBVIBWftlrvkhEzcvs8w/BWlWUzQEpMy/zsFpFzFnM3j4qw6fsJwag4xEtlwDpWzr6VWgHPGX4hjW5MofBt2D+TRN1hKky++vRUS+4p8V8pUtZst6RZaWiR5XFy60kxGsh9LfbKgxs6qfCbv5fhNKwHuj+sVIpf0iA25NdsH9iXOy9kII/Co3olCFTOkJ0vuFPtilemb66dboemYVRgYoxM7vHgiOo0UGrTZJoM9lWNj/oO2KzVNTgdG96/Z1q4LEG71L43hjCwgljCYskg+5xAI8xoyO/zt6orD7KdJqCX2R+IkJlPD3bf0hMg+HC/CB+UAwZ5s+C3w6USZ88ruZglLnzN3EN0TTC4O2RCx8gWmCs/PCIotv0NRhGJoh289nXmii3CJhzO3PCSbaD6GKvtItC94l9KzwMrM51mj0gGPyASTe26lBuNp/hqxb9jWZqZiAlL+XtMgF+8mTliEBNZWTpAn6PF38/4V+LAjbW8DzLUda2gpIh+KWvg3HqpJD72wvCMkTurKJ0+V4sioIOeDH/N6eBea9tZYS7cjdJV6p9HiaxMZ1QP9gLnj9xAvF1aIw8jaZazLp3vN8BB0ToM2L2WAKCU2BlIuBUuXzfYCoQ9jbtDqVLpCFqP9a4NQCfxO+b+PSLS98Skv+D6fxp/DDiBWKI2SP+KDUycNdTotTTqTw5bgWzPWePKoozgR2Px6WtKNrrmaucdrEakvhGO+xE78mpYrbX3mrPQ/cQT9hZ7xEMl0nXubvoGOLesm7bMYmrCi0aEHo7ZlwZ5LmFBlABpn2uhcmREbz1OFkHBpoiCE7blGqVjpuszzJBi8VC2BZmSZxB3Ex5BHHigXePM3p7tiwGxAyxfcjXrezqNN4iabstf78uQ+85PW/EIZcv+gPxCbYQbWEyi0Tkb/zV4udfzc1qm/QJS3QhcnUnvXEsEs46afGHy5clD7SXf3iIzTjy5JqkWbFrNYm/R+F9WFz3NvIhvPDG6nmRIiO1p88c9UP+s+XubGt0TRYdcKqgp+sgYTvzWzoogc6oQqECAiQ8ZxDcpb8GR0Rba7GaOP9R/wK2COPoXaqB/nSleIJgBgJ7Hw3rXygvHMJWKRj2W644wx/ze2bKuEpeDzFrn1RFFiEDSr0Zc775P5NBWkvs0u8KOKHi2KwD6ara1IqRqcXfw4+aXg70MhcE2DA3yCvYlF44+F9Z619sqYMcw6a1y3+Wa1crj7n1uDoOX5dtD2TUVgoYc194we7wFhy04CZAj8oYwQ/U0WZK6KVWO+wF+OX0a3a/Lyodm7csAuDndd3I5EFzf49I/ESQcL3Z4t6yGhd6IhxIUatg+ob2WGQKwjwy6CmJ4oLH4nVllDgVlQs9baQ4/EX0plVLh9NuhqG7SldORdVsfYiEpVpVPWq1X+DLZ8p83yI2CTE2uot1ys22n2W0+AwvryAqCbK9AHdppKlXAMV8RL5HDFYub5OxZuiAViy9OEc8yYSezZ0UjlC+zK9BGnVtrd+msgluh4oUr9TugE23ZsaMWu4GlKvTX8OQSZufiwajeEWENkGHKghatDF0+HbWtAOC0f10ZgoLvHcH/+rImsfzaZsTjPr+YPnaLXv0j2K53JqNLAyHx7cGqinS6c7ji3mN7v/s7G/0m84zDk2O9OtCwy7YRopCdfUKmhGiEXZRIzW+0OT3DNsgjCqaKUMuuy70O6Co85Qh3S+ApNXuxjZyvzLwgVVZpC3NAkb1/bCBCCJosFGucbNjrOwM6mpDJRB/33t5qP9MpIs9VWKeSpmsbzp/tiZNo+2Kf8wa0/1MaaSxeJFizzqZ/B2dOwoYsBsfF3+iwfSVxz59NloKGHFFI6YPQDOthMUCCn8Xnlk8rzoYtyGzg453aDI1iAiuvBcdNlcPhX1DBE0kJ18ovpC6cz75kHVIVQiJnb9ZWrtRUyjFt+c/Qbhcgel3CTj3KzK/MkhtuGiWnc8KhELwYkxolkPRjgPd54b1ALH05vP8l2g1A4AawgGGCs6bk59XQ3KQC6N+DlxBa60u9P6aPxy6AloX1vp84UkRF5ykY+yrVJ9B3DjcHXVF4LHlRgcnTmGPUCGt5PapZXak1rEiILsFPENLirg04Vgb/PgXrTUmCYuzpMVW2QguCXy3Z1AUzHqSd10LUkMHJSFl8tXUo2Y9xdfA62HDghDOange6n0FSMRVfUt7kc8YeeoxQmpZCOs/obTOjScNuNfTysL7VvZ6QSVXAmhGed/HdNU0I3apMFwHbehZ7TpWtEZTE0SiW0VrM6U2tiJQLVfr/Lk1/F4MW89BqJrd/n+12Y92YOTED1aJsEhjzkvQ+dE2LmR9alJrHB2yMSwgy9SRcJpJGXKrgFwrcVCV5Zi1lX6MZsY0iRCa4Xew1rFjyxRnip+Kong4c8y1A7oxIIT9T+4xleKRGT1Dz2ZU9r06vXIPOE6sG1hm0XEZvEy50c/F050Go5nnEVESzRb+xVxxq4l6A8o4ScIMOEDjPT0jZ39AZ0n0ZrD/58XfGhyE1TgvJZfXU83WUDkE9HMLQp/uOtQpgjbodWDlJ0oNGB27Iap5rnXyX/DPdIRqZaUu/ow36wecg5aOWnZxFCdh9tdAapuybXrnWQ8vsplnhlFdQHOb5988jezqcuAhEcHJRzxJRM26uuAuwerRZUaVl97e1HNin2b0mRqhiqN1At6pHr6zq6dqL+P4KUALGRpZ2VzdD0scz1OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU5OYU4=
.sandyhookpromise.org/	1970-01-21 04:43:26	Name: _ga Value: GA1.2.1684879569.1710446064
.sandyhookpromise.org/	1970-01-20 19:08:52	Name: _gid Value: GA1.2.713575552.1710446065
.sandyhookpromise.org/	1970-01-20 19:07:26	Name: _gat_UA-37619533-1 Value: 1
takeaction.sandyhookpromise.org/	1970-01-21 03:53:02	Name: __spdt Value: 76c39a86e37646678fd228d5dc79e658
takeaction.sandyhookpromise.org/	1970-01-20 19:07:27	Name: ai_session Value: Y0RqN8mnidariheEW7ta3Z\|1710446064561\|1710446064561
.sandyhookpromise.org/	1970-01-21 03:53:02	Name: _hjSessionUser_2063953 Value: eyJpZCI6ImNlZWFjYmUyLTZlYzEtNTk1MS04ZDEwLWI0NjUzMDAyZDIxMSIsImNyZWF0ZWQiOjE3MTA0NDYwNjQ3MTEsImV4aXN0aW5nIjpmYWxzZX0=
.sandyhookpromise.org/	1970-01-20 19:07:27	Name: _hjSession_2063953 Value: eyJpZCI6IjFlZTk1NzM3LWE0NmUtNDI1ZS05OTgxLWFmODYwZmQyYWY2MSIsImMiOjE3MTA0NDYwNjQ3MTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.t.co/	1970-01-21 04:43:26	Name: muc_ads Value: 65e063d9-1154-4713-a853-a4c35a0fb0ea
.twitter.com/	1970-01-21 04:43:26	Name: personalization_id Value: "v1_YTmE1WkXwU9wm/goL5i/Fg=="
.sandyhookpromise.org/	1970-01-20 21:17:02	Name: _fbp Value: fb.1.1710446064835.1841406507
profile.ngpvan.com/	1970-01-21 04:43:26	Name: ngpvanuser Value: NVb4XqTPHiEkvXdZQxl%24MXXp
.sandyhookpromise.org/	1970-01-21 04:43:26	Name: _ga_7TKWPVM1K2 Value: GS1.1.1710446064.1.0.1710446065.59.0.0
.everyaction.com/	1970-01-21 03:51:44	Name: visid_incap_823975 Value: ZD4cAjDrS3u02+BCgMlj9+9V82UAAAAAQUIPAAAAAAAr/MV52+EFdm58fE5b1X17
.everyaction.com/	1969-12-31 23:59:59	Name: nlbi_823975 Value: /ThqCBujinQ1bOa9xwoUeQAAAAAodWuJPJuyQKDCnL4RH5xO
.everyaction.com/	1969-12-31 23:59:59	Name: incap_ses_1368_823975 Value: boe5IwS7XUfy4rASXx78EvBV82UAAAAA5VUsnnkqG6P5CRmtKeCD/A==
.mountain.com/	1970-01-21 04:43:26	Name: guid Value: a976bc66-e23c-11ee-b23c-ed390e9ff178
.px.mountain.com/	1970-01-21 04:43:26	Name: tt Value: H4sIAAAAAAAAAKtWKlOyMqoFAP609q8HAAAA

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1419151705020810?v=2.9.149&r=stable&domain=takeaction.sandyhookpromise.org&hme=8b8eb2472f555e54a8b57f2b720f9bd3b1bc6aed031525376dd772ba51107995&ex_m=63%2C107%2C95%2C99%2C54%2C3%2C89%2C62%2C14%2C87%2C80%2C45%2C47%2C153%2C156%2C167%2C163%2C164%2C166%2C26%2C90%2C46%2C69%2C165%2C148%2C151%2C160%2C161%2C168%2C116%2C13%2C44%2C172%2C171%2C118%2C16%2C30%2C33%2C1%2C37%2C58%2C59%2C60%2C64%2C84%2C15%2C12%2C86%2C83%2C82%2C96%2C98%2C32%2C97%2C27%2C23%2C149%2C152%2C125%2C25%2C9%2C10%2C11%2C5%2C6%2C22%2C19%2C20%2C50%2C55%2C57%2C67%2C91%2C24%2C68%2C8%2C7%2C72%2C42%2C18%2C93%2C92%2C17%2C74%2C79%2C41%2C40%2C78%2C34%2C36%2C77%2C49%2C75%2C29%2C38%2C66%2C0%2C85%2C4%2C81%2C73%2C76%2C2%2C31%2C56%2C35%2C94%2C39%2C71%2C61%2C100%2C53%2C52%2C28%2C88%2C51%2C48%2C43%2C70%2C65%2C21%2C101(Line 107) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://takeaction.sandyhookpromise.org/a/foundation Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline' data: blob:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
az416426.vo.msecnd.net
checkout.paypal.com
client-analytics.braintreegateway.com
connect.facebook.net
d3rse9xjbp8270.cloudfront.net
dc.services.visualstudio.com
doublethedonation.com
dx.mountain.com
evnt.byspotify.com
fastaction.ngpvan.com
fonts.googleapis.com
fonts.gstatic.com
gs.mountain.com
js.verygoodvault.com
missionwired.s3.amazonaws.com
nvlupin.blob.core.windows.net
payments.braintree-api.com
pixel.byspotify.com
prod.cdn.everyaction.com
profile.ngpvan.com
px.mountain.com
region1.analytics.google.com
script.hotjar.com
secure.everyaction.com
static.ads-twitter.com
static.everyaction.com
static.hotjar.com
stats.g.doubleclick.net
t.co
takeaction.sandyhookpromise.org
vc.hotjar.io
vgs-collect-keeper.apps.verygood.systems
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
104.244.42.3
104.244.42.69
13.248.139.42
13.32.27.27
13.32.27.54
13.32.27.64
146.75.120.157
18.172.112.109
18.66.112.19
18.66.97.10
192.229.221.25
20.50.88.244
20.60.58.97
2001:4860:4802:32::36
23.96.109.67
2600:9000:2251:da00:12:303c:8700:21
2600:9000:2490:6800:3:1d53:4780:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2a00:1450:4001:802::200a
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:828::2003
2a00:1450:400c:c06::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.219.226.109
3.69.121.132
34.111.186.1
34.117.162.98
35.81.162.201
44.209.137.118
45.223.139.238
45.60.33.183
52.89.99.220
54.156.2.105
54.231.232.97
02d1bfc3fb8b4eff4d80613794e94142267895398d35dbca72e8ca7ddb62ab54
10f8569426539490b11e5c73de111da0ff06319e6218c6a5bc3bc53cf7e049e7
19f79b5c8e190cb3ec9005a46a8c8f27d005399d4ada47916853e88290085e32
1bc2ef4188db38d8ba32ed3e68bf08ab4ec9da641fe05bdc6bd163f8477143cc
1c362bf1f46b8bc0b2e9c3f36bc85bd580e9ba0956903f0e52d5a2ba0c044d0a
20c0114a672ac0b5b31a1c0100543a2306bf389816ab20774b66e8f7b30fb60c
2a761ff64d36197e203c448bf2c1a3bc28e3c66beb95613fd3eea0a0712c817d
3047633986aedc3e3e18d271a0dca0443e83d510d04d8d3626705504f7ca1ee5
32eeeddefc8acfe73216a65d418ccb1daf74c75fe91b53d8da9e3e84a66467b1
351c0ee16c0f30a475a8e4cc0916e21e871fbc893d498709a69fb38f9b3e5502
37c9bd34a17ccc4a364e4bdc0c73f4e268e77e1e561da2be3ab46e72e4ce1558
422b962aff597c5aca5f9c3aa114fcea7f3fda6abcad9584510b36b3eecd0f09
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d7c0b71cb6af711f4f47b8049b04f99fb860d3731e4ccf3db8a0a11d589073d
50ee636f13b74948c3b143ad598ebc57ff83c19f57faa6365ab01de0641cd632
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
575b2165304d899b7001ab593aeee31b371a46aee8b899c22a87ab9313389eda
58d84748e5e3ec410c419f02f51bf0a66b0764b71751e5272a72b8047cd73fc8
60891a54df49aac87f56b67ebcd37582eae4b01e7b20b35b5b141a5ddd7e66c5
61dbcbef97240ee8e715b49b761817ae239fd06f8786d8c4f3b1d57e8a36d2c3
65dc78ce3ebea14300b4e4932517c45fefed0f21684eb08cc16ec2c5445736ad
6b5b8d9d9ffa6c2cc34b2bc6188cb900a6f1490983d0f16276ae7073978f1a5f
7cf4641497720eff15f2b923bdae3ffafe95044234ab5bf0028cb1f1e9e04186
7fb8434d130b3d8b35626e79607e40a1bf202c380fdcd6455f7739dace7588c8
80174969764673851b6aa49f7f2db4e556666c28a1a23466ab984b1743eb0aa7
80c9827e15777b93d54c692ec57e8d59cf6080df4a4c76a014a60aa0812bbbc0
8496a94dcfd779693def6ae3e607a923fece02f38491ef1462e7cb51cab12e7d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85267fa4a3e908d0c2778fc27bf13b384d2353c2d12e8d4c78982a3cfaa9636e
8591bd5866850d9ce6364055d34f31055fef11f1705518cae23d87a57ef99933
87927a182d2e1f6218aa17809f813095a64921c1e70f80d7dfe81c4f9d30dc8b
8c57eeba2aae51f847e739a3eb70428490dec74fea781b653cb8b5e345cc7b3a
8e41def4e7d37805de7577acfd2c7d7d4a52cc785eeef70787dacbd971837060
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9195f6dd0830a599d5504294b1416e4d0bb23634e2498195b4cc6412546472a5
9902c9bc412249e3fc6b9e5e9df5527049f6cfd9d4aea87dcc86c4c810869fc0
a6d3c586a481bb94e56dbec5d8e65be67cf23e1a7d0887ab7c17e720dd3f335b
a962d7d17cfa096734d22cb537749f58472cad0800905117de2d07711707f3c1
abddb998edc744d36888878493f9dfa2300a4a85f31516a0c7ed612f09de113a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b60497a77afdcb315e270ec5f6fe3d53797c486032fc6752523aa8c65be7b985
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bde98d03e692205a234f91cd6e3af67e9fe47a2b37fe4460f3dea6953f4f86f6
c2361b92ee7c501d8cbacb3e232d9a26ab07bd596b2fffad905c034aa17a21ce
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d5c974f1e5d7bbff53628c97444ed7201fd2e60f802096fe97dcb8bb88b92165
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dedad191cb087f16bc09a89edac8df890dc2a66cec61a3d84f721bedf51df21c
e055d32dc45811798f46a791390be0a2cb073b0c1a09fe16c3b6ba2b584b0bd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecd12a647323543a854931f58cab35fa8b6b2d7cab0b1110b12b8df8703f46a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8cd90a115716a8a878157a334a07a3da83fd4d2b2af318ada6e38b3600c276
f2bb4dee376206d9d121ca5f5d956e7953a0b7f7380095c59c367ef8a87b7178
f4d227760bde58fb03ce25b526cc6f8b4c94ce64583849ea80db79f91d44799c
fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb
fe62bab84590322ae4bfcde20dfb50a72c1b68b330c2a7f1b0aefb65999f16bc

takeaction.sandyhookpromise.org Open in urlscan Pro 13.32.27.27 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

34 %IPv6

30 Domains

38 Subdomains

38 IPs

4 Countries

1748 kBTransfer

5376 kBSize

21 Cookies

10 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

takeaction.sandyhookpromise.org Open in urlscan Pro
13.32.27.27 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

34 %
IPv6

30
Domains

38
Subdomains

38
IPs

4
Countries

1748 kB
Transfer

5376 kB
Size

21
Cookies

99 HTTP transactions
2 data transactions